CVE-2025-22002: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

netfs: Call `invalidate_cache` only if implemented

Many filesystems such as NFS and Ceph do not implement the `invalidate_cache` method. On those filesystems, if writing to the cache (`NETFS_WRITE_TO_CACHE`) fails for some reason, the kernel crashes like this:

```
BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 0 P4D 0
Oops: Oops: 0010 [#1] SMP PTI
CPU: 9 UID: 0 PID: 3380 Comm: kworker/u193:11 Not tainted 6.13.3-cm4all1-hp #437
Hardware name: HP ProLiant DL380 Gen9/ProLiant DL380 Gen9, BIOS P89 10/17/2018
Workqueue: events_unbound netfs_write_collection_worker
RIP: 0010:0x0
Code: Unable to access opcode bytes at 0xffffffffffffffd6.
RSP: 0018:ffff9b86e2ca7dc0 EFLAGS: 00010202
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 7fffffffffffffff
RDX: 0000000000000001 RSI: ffff89259d576a18 RDI: ffff89259d576900
RBP: ffff89259d5769b0 R08: ffff9b86e2ca7d28 R09: 0000000000000002
R10: ffff89258ceaca80 R11: 0000000000000001 R12: 0000000000000020
R13: ffff893d158b9338 R14: ffff89259d576900 R15: ffff89259d5769b0
FS: 0000000000000000(0000) GS:ffff893c9fa40000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffd6 CR3: 000000054442e003 CR4: 00000000001706f0
Call Trace:
 <TASK>
 ? __die+0x1f/0x60
 ? page_fault_oops+0x15c/0x460
 ? try_to_wake_up+0x2d2/0x530
 ? exc_page_fault+0x5e/0x100
 ? asm_exc_page_fault+0x22/0x30
 netfs_write_collection_worker+0xe9f/0x12b0
 ? xs_poll_check_readable+0x3f/0x80
 ? xs_stream_data_receive_workfn+0x8d/0x110
 process_one_work+0x134/0x2d0
 worker_thread+0x299/0x3a0
 ? __pfx_worker_thread+0x10/0x10
 kthread+0xba/0xe0
 ? __pfx_kthread+0x10/0x10
 ret_from_fork+0x30/0x50
 ? __pfx_kthread+0x10/0x10
 ret_from_fork_asm+0x1a/0x30
 </TASK>
Modules linked in:
CR2: 0000000000000000
```

This patch adds the missing `NULL` check.
AI Analysis
Technical Summary
CVE-2025-22002 is a vulnerability in the Linux kernel's network filesystem (netfs) subsystem. Certain filesystems, such as NFS and Ceph, do not implement the `invalidate_cache` method. When the kernel attempts to write to the cache (indicated by the `NETFS_WRITE_TO_CACHE` flag) and the write fails, it calls `invalidate_cache` without first verifying that the method is implemented. The result is a NULL pointer dereference and a kernel crash (kernel oops). The crash appears as a supervisor instruction fetch fault at a NULL address and leads to a denial of service (DoS) condition. Because the fault occurs in kernel mode, it affects system stability and availability. The patch adds the missing NULL check before the call to `invalidate_cache`, so the kernel no longer dereferences a NULL pointer. The vulnerability affects Linux kernel versions prior to the patch and is relevant for systems using network filesystems such as NFS and Ceph. It does not require user interaction but may be triggered by specific filesystem operations that fail to write to the cache. There are no known exploits in the wild at the time of publication, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to servers and infrastructure running Linux kernels with network filesystems like NFS or Ceph. These filesystems are commonly used in enterprise environments for distributed storage and file sharing. A successful trigger of this vulnerability results in a kernel crash, causing system downtime and potential disruption of critical services relying on networked storage. This can impact data availability and operational continuity, especially in data centers, cloud providers, and organizations with large-scale storage deployments. Although the vulnerability does not directly lead to privilege escalation or data leakage, the denial of service can be leveraged as part of a broader attack to disrupt business operations. Organizations with high availability requirements or those operating critical infrastructure may face significant operational and financial impacts if affected systems crash unexpectedly. Additionally, recovery from kernel crashes may require manual intervention or system reboots, increasing administrative overhead and potential service interruptions.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should promptly apply the official Linux kernel patch that adds the necessary NULL pointer check in the netfs subsystem. System administrators should:

1) Identify and inventory Linux systems using network filesystems such as NFS and Ceph, especially those running kernel versions prior to the patch.
2) Schedule and perform kernel updates to the fixed version as soon as possible, prioritizing production and critical systems.
3) Implement monitoring for kernel oops or crash logs that may indicate attempts to trigger this vulnerability.
4) Employ redundancy and failover mechanisms for critical storage services to minimize impact from potential crashes.
5) Test patches in staging environments to ensure compatibility and stability before deployment.
6) Limit exposure by restricting access to network filesystems to trusted hosts and networks, reducing the attack surface.
7) Maintain regular backups and disaster recovery plans to quickly restore services in case of disruption.

These steps go beyond generic advice by focusing on targeted patching, proactive monitoring, and operational resilience tailored to the nature of this kernel vulnerability.
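For the monitoring in step 3, the following added example (not part of the original advisory or of the kernel project) scans kernel log text for the crash shape quoted in the description: a NULL pointer dereference with `RIP: 0010:0x0` inside `netfs_write_collection_worker`. The function names, the assumed dmesg and journald line prefixes, and the abridged sample log are constructed for illustration.

```python
import re

# Drop journald ("host kernel: ") and dmesg ("[  12.345678] ") prefixes.
PREFIX = re.compile(r"^(?:.*? kernel: )?(?:\[\s*\d+\.\d+\] ?)?")
# A reliable stack frame has no leading "? " marker.
FRAME = re.compile(r"^\s*([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
WORKER = "netfs_write_collection_worker"

# Constructed sample: abridged lines from the advisory's oops, then an unrelated BUG.
SAMPLE = """\
[  101.000001] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  101.000002] Workqueue: events_unbound netfs_write_collection_worker
[  101.000003] RIP: 0010:0x0
[  101.000004]  netfs_write_collection_worker+0xe9f/0x12b0
[  101.000005] ---[ end trace 0000000000000000 ]---
[  202.000001] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  202.000002] RIP: 0010:example_driver_poll+0x2a/0x90
[  202.000003]  ? netfs_write_collection_worker+0xe9f/0x12b0
"""

def split_reports(log_text):
    """Yield each kernel BUG report as a list of prefix-stripped lines."""
    report = []
    for raw in log_text.splitlines():
        line = PREFIX.sub("", raw, count=1)
        if line.startswith("BUG: ") and report:
            yield report
            report = []
        if report or line.startswith("BUG: "):
            report.append(line)
        if report and line.startswith("---[ end trace"):
            yield report
            report = []
    if report:
        yield report

def matches_cve_2025_22002(report):
    """True if a report has the crash shape quoted in the advisory."""
    # Instruction fetch at address 0 means a call through a NULL function pointer.
    null_call = any(l.rstrip() == "RIP: 0010:0x0" for l in report)
    frames = [m.group(1) for l in report if (m := FRAME.match(l))]
    queued = any(l.startswith("Workqueue:") and WORKER in l for l in report)
    return ("NULL pointer dereference" in report[0] and null_call
            and (WORKER in frames or queued))

def scan(log_text):
    """Return the BUG reports in log_text that match the signature."""
    return [r for r in split_reports(log_text) if matches_cve_2025_22002(r)]
```

A match indicates the same crash shape, not proof of the same root cause; confirm against the running kernel version before treating a host as affected.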
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark, Norway, Switzerland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-12-29T08:45:45.802Z
- CISA Enriched: false
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9833c4522896dcbe8ecb
Added to database: 5/21/2025, 9:09:07 AM
Last enriched: 6/30/2025, 11:43:35 AM
Last updated: 8/18/2025, 7:33:06 PM