CVE-2025-39777

Summary

In the Linux kernel, the following vulnerability has been resolved:

crypto: acomp - Fix CFI failure due to type punning

To avoid a crash when control flow integrity is enabled, make the workspace ("stream") free function use a consistent type, and call it through a function pointer that has that same type.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux42d9f6c774790d290c175e8775ce9f1366438098 < 7ec68c59461ca846aab9b7c2b39f63ac7c8a43cfaffected
LinuxLinux42d9f6c774790d290c175e8775ce9f1366438098 < 962ddc5a7a4b04c007bba0f3e7298cda13c62efdaffected
LinuxLinux6.16affected
LinuxLinux0 < 6.16unaffected
LinuxLinux6.16.4 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References