CVE-2025-22060

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: mvpp2: Prevent parser TCAM memory corruption<br /> <br /> Protect the parser TCAM/SRAM memory, and the cached (shadow) SRAM<br /> information, from concurrent modifications.<br /> <br /> Both the TCAM and SRAM tables are indirectly accessed by configuring<br /> an index register that selects the row to read or write to. This means<br /> that operations must be atomic in order to, e.g., avoid spreading<br /> writes across multiple rows. Since the shadow SRAM array is used to<br /> find free rows in the hardware table, it must also be protected in<br /> order to avoid TOCTOU errors where multiple cores allocate the same<br /> row.<br /> <br /> This issue was detected in a situation where `mvpp2_set_rx_mode()` ran<br /> concurrently on two CPUs. In this particular case the<br /> MVPP2_PE_MAC_UC_PROMISCUOUS entry was corrupted, causing the<br /> classifier unit to drop all incoming unicast - indicated by the<br /> `rx_classifier_drops` counter.