Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2025-22088

HIGH7.8

RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()

Published Apr 16, 2025

Modified 2 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()

After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue.

References

WEBhttps://git.kernel.org/stable/c/667a628ab67d359166799fad89b3c6909599558a WEBhttps://git.kernel.org/stable/c/78411a133312ce7d8a3239c76a8fd85bca1cc10f WEBhttps://git.kernel.org/stable/c/7aa6bb5276d9fec98deb05615a086eeb893854ad WEBhttps://git.kernel.org/stable/c/83437689249e6a17b25e27712fbee292e42e7855 WEBhttps://git.kernel.org/stable/c/a114d25d584c14019d31dbf2163780c47415a187 WEBhttps://git.kernel.org/stable/c/bc1db4d8f1b0dc480d7d745a60a8cc94ce2badd4 WEBhttps://lists.debian.org/debian-lts-announce/2025/05/msg00045.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2025-22088

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedApr 16, 2025

ModifiedNov 3, 2025

CVE-2025-22088 | Mondoo Vulnerability Intelligence