CVE-2025-22060: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-22060 is a vulnerability discovered in the Linux kernel affecting the mvpp2 network driver. The issue was disclosed on April 16, 2025, and involves parser TCAM memory corruption in the network subsystem. The vulnerability specifically affects the parser TCAM/SRAM memory and the cached (shadow) SRAM information handling (NVD, Debian Tracker).

The vulnerability stems from concurrent modifications to both TCAM and SRAM tables that are indirectly accessed through an index register that selects the row to read or write. The issue manifests when mvpp2_set_rx_mode() runs concurrently on multiple CPUs, leading to potential corruption of the MVPP2PEMACUCPROMISCUOUS entry. Red Hat has assigned this vulnerability a CVSS v3.1 Base Score of 5.5 with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Red Hat CVE).

When exploited, the vulnerability causes the classifier unit to drop all incoming unicast traffic, which can be observed through increased rx_classifier_drops counter values. This can lead to significant network connectivity issues and potential denial of service conditions (NVD).

The issue has been resolved in Linux kernel version 6.12.25-1 for Debian systems. Various Linux distributions have released patches, with Debian marking the fix as implemented in the sid release while earlier versions remain vulnerable (Debian Tracker).