AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2022-49625: In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creati

mediumvulnerability

security

Source: NVD/CVE DatabaseFebruary 26, 2025CVE-2022-49625

Summary

A bug in the Linux kernel's sfc (Solarflare network driver) caused a kernel panic when creating virtual functions (VFs, which are virtual network devices that share a physical network card). The crash happened because the code tried to unmap memory using vunmap while in an interrupt context, which is not allowed.

Solution / Mitigation

The patch reenables bottom-half processing (BH) before releasing the DMA coherent buffer (a block of memory used for direct memory access between devices). This allows vunmap to safely unmap the memory outside of the interrupt context where it would cause a crash.

Vulnerability Details

CVSS Score

5.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-476

Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-49625

First tracked: February 15, 2026 at 08:52 PM

Classified by LLM (prompt v3) · confidence: 95%