CVE-2025-22106: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-22106 is a vulnerability discovered in the Linux kernel's vmxnet3 driver, specifically related to the handling of XDP (eXpress Data Path) receive queue information during reset operations. The vulnerability was disclosed on April 16, 2025, affecting various Linux distributions and their kernel versions (NVD, Ubuntu).

The vulnerability occurs because vmxnet3 does not properly unregister xdp rxq info in the vmxnet3_reset_work() code path, as vmxnet3_rq_destroy() is not invoked in this path. This results in a warning message with backtrace: 'WARNING: CPU:48 PID: 500 at net/core/xdp.c:182 __xdp_rxq_info_reg+0x93/0xf0'. The issue has been assigned a CVSS v3.1 base score of 4.4 with vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (Red Hat).

The vulnerability primarily affects system stability and availability. While it doesn't present direct security risks for confidentiality or integrity, it can lead to system warnings and potential resource management issues in affected Linux systems running the vmxnet3 driver (Red Hat).

A fix has been developed that moves the unregister code of XDP from vmxnet3_rq_destroy() to vmxnet3_rq_cleanup(). This patch has been integrated into various Linux distributions, with Ubuntu and Red Hat providing updates for affected versions. Some versions, such as Ubuntu 22.04 LTS and earlier, are not affected by this vulnerability (Ubuntu, Debian).