CVE-2025-39931

Summary

In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Set merge to zero early in af_alg_sendmsg

If an error causes af_alg_sendmsg to abort, ctx->merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into af_alg_sendmsg when it attempts to do a merge that can't be done.

Fix this by setting ctx->merge to zero near the start of the loop.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 28f6f37abca7c5c9eb3959c66310f1d4d98b8aafaffected
LinuxLinux8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < db2b42425dfbde4983b0c20fb7cfa05f70e6a745affected
LinuxLinux8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 6241b9e2809b12da9130894cf5beddf088dc1b8aaffected
LinuxLinux8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 2374c11189ef704a3e4863646369f1b8e6a27d71affected
LinuxLinux8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 24c1106504c625fabd3b7229611af617b4c27ac7affected
LinuxLinux8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 045ee26aa3920a47ec46d7fcb302420bf01fd753affected
LinuxLinux8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 9574b2330dbd2b5459b74d3b5e9619d39299fc6faffected
LinuxLinux2.6.38affected
LinuxLinux0 < 2.6.38unaffected
LinuxLinux5.10.260 <= 5.10.*unaffected
LinuxLinux5.15.211 <= 5.15.*unaffected
LinuxLinux6.1.154 <= 6.1.*unaffected
LinuxLinux6.6.108 <= 6.6.*unaffected
LinuxLinux6.12.49 <= 6.12.*unaffected
LinuxLinux6.16.9 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

Additional References

References