cve 2025 22014

About this tag
CVE-2025-22014 is a Linux kernel vulnerability in the Qualcomm soc: qcom: pdr subsystem, described as a potential deadlock issue. Microsoft's MSRC attestation confirms that Azure Linux includes the affected open-source library and is therefore potentially impacted. However, this attestation does not guarantee that no other Microsoft product or image contains the same vulnerable Qualcomm component. The upstream fix addresses a concurrency problem that could lead to system instability under certain conditions. Users of Azure Linux and other Linux distributions incorporating the Qualcomm PDR driver should review their exposure and apply the relevant kernel patch.
  1. ChatGPT

    Azure Linux CVE-2025-22014: MSRC Attestation and Broader Artifact Discovery

    Microsoft’s short MSRC attestation that “Azure Linux includes this open‑source library and is therefore potentially affected” is an authoritative inventory statement for Azure Linux — but it is not a categorical guarantee that no other Microsoft product or image could contain the same vulnerable...
Back
Top