CVE-2025-40019

Summary

In the Linux kernel, the following vulnerability has been resolved:

crypto: essiv - Check ssize for decryption and in-place encryption

Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbe1eb7f78aa8fbe34779c56c266ccd0364604e71 < 29294dd6f1e7acf527255fb136ffde6602c3a129affected
LinuxLinuxbe1eb7f78aa8fbe34779c56c266ccd0364604e71 < 71f03f8f72d9c70ffba76980e78b38c180e61589affected
LinuxLinuxbe1eb7f78aa8fbe34779c56c266ccd0364604e71 < df58651968f82344a0ed2afdafd20ecfc55ff548affected
LinuxLinuxbe1eb7f78aa8fbe34779c56c266ccd0364604e71 < 248ff2797ff52a8cbf86507f9583437443bf7685affected
LinuxLinuxbe1eb7f78aa8fbe34779c56c266ccd0364604e71 < f37e7860dc5e94c70b4a3e38a5809181310ea9acaffected
LinuxLinuxbe1eb7f78aa8fbe34779c56c266ccd0364604e71 < dc4c854a5e7453c465fa73b153eba4ef2a240abeaffected
LinuxLinuxbe1eb7f78aa8fbe34779c56c266ccd0364604e71 < da7afb01ba05577ba3629f7f4824205550644986affected
LinuxLinuxbe1eb7f78aa8fbe34779c56c266ccd0364604e71 < 6bb73db6948c2de23e407fe1b7ef94bf02b7529faffected
LinuxLinux5.4affected
LinuxLinux0 < 5.4unaffected
LinuxLinux5.4.301 <= 5.4.*unaffected
LinuxLinux5.10.246 <= 5.10.*unaffected
LinuxLinux5.15.195 <= 5.15.*unaffected
LinuxLinux6.1.157 <= 6.1.*unaffected
LinuxLinux6.6.113 <= 6.6.*unaffected
LinuxLinux6.12.54 <= 6.12.*unaffected
LinuxLinux6.17.4 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References