CVE-2025-39931
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
crypto: af_alg - Set merge to zero early in af_alg_sendmsg
If an error causes af_alg_sendmsg to abort, ctx->merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into af_alg_sendmsg when it attempts to do a merge that can't be done.
Fix this by setting ctx->merge to zero near the start of the loop.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 28f6f37abca7c5c9eb3959c66310f1d4d98b8aaf | affected |
| Linux | Linux | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < db2b42425dfbde4983b0c20fb7cfa05f70e6a745 | affected |
| Linux | Linux | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 6241b9e2809b12da9130894cf5beddf088dc1b8a | affected |
| Linux | Linux | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 2374c11189ef704a3e4863646369f1b8e6a27d71 | affected |
| Linux | Linux | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 24c1106504c625fabd3b7229611af617b4c27ac7 | affected |
| Linux | Linux | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 045ee26aa3920a47ec46d7fcb302420bf01fd753 | affected |
| Linux | Linux | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 9574b2330dbd2b5459b74d3b5e9619d39299fc6f | affected |
| Linux | Linux | 2.6.38 | affected |
| Linux | Linux | 0 < 2.6.38 | unaffected |
| Linux | Linux | 5.10.260 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.211 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.154 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.108 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.49 <= 6.12.* | unaffected |
| Linux | Linux | 6.16.9 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
ADP Enrichment
Additional References
References
- https://git.kernel.org/stable/c/28f6f37abca7c5c9eb3959c66310f1d4d98b8aaf
- https://git.kernel.org/stable/c/db2b42425dfbde4983b0c20fb7cfa05f70e6a745
- https://git.kernel.org/stable/c/6241b9e2809b12da9130894cf5beddf088dc1b8a
- https://git.kernel.org/stable/c/2374c11189ef704a3e4863646369f1b8e6a27d71
- https://git.kernel.org/stable/c/24c1106504c625fabd3b7229611af617b4c27ac7
- https://git.kernel.org/stable/c/045ee26aa3920a47ec46d7fcb302420bf01fd753
- https://git.kernel.org/stable/c/9574b2330dbd2b5459b74d3b5e9619d39299fc6f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.