CVE-2025-40022

Summary

In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Fix incorrect boolean values in af_alg_ctx

Commit 1b34cbbf4f01 ("crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg") changed some fields from bool to 1-bit bitfields of type u32.

However, some assignments to these fields, specifically 'more' and 'merge', assign values greater than 1. These relied on C's implicit conversion to bool, such that zero becomes false and nonzero becomes true.

With a 1-bit bitfields of type u32 instead, mod 2 of the value is taken instead, resulting in 0 being assigned in some cases when 1 was intended.

Fix this by restoring the bool type.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0f28c4adbc4a97437874c9b669fd7958a8c6d6ce < 3a21698ace915a445bce2d0dcfc84b6d2199baf7affected
LinuxLinuxe4c1ec11132ec466f7362a95f36a506ce4dc08c9 < d382d6daf0184490f366562469a5673f65ee2662affected
LinuxLinux1f323a48e9b5ebfe6dc7d130fdf5c3c0e92a07c8 < 54506c6335690f4ef1b9f154e34f5a604c72c1edaffected
LinuxLinux7c4491b5644e3a3708f3dbd7591be0a570135b84 < 8703940bd30b5ad94408d28d7192db2491cd3592affected
LinuxLinux9aee87da5572b3a14075f501752e209801160d3d < 316b090c2fee964c307a634fecc7df269664b158affected
LinuxLinux45bcf60fe49b37daab1acee57b27211ad1574042 < fbe96bd25423e61273d8831e995260b429d850b6affected
LinuxLinux1b34cbbf4f011a121ef7b2d7d6e6920a036d5285 < d0ca0df179c4b21e2a6c4a4fb637aa8fa14575cbaffected
LinuxLinux6.1.154 < 6.1.155affected
LinuxLinux6.6.108 < 6.6.109affected
LinuxLinux6.12.49 < 6.12.50affected
LinuxLinux6.16.9 < 6.16.10affected

Weaknesses

ADP Enrichment

Additional References

References