CVE-2025-40019
Published: October 25, 2025Last modified: October 25, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Vulnerable (6.1.156-r0) |
| 25 LTS | linux-lts | Vulnerable (6.12.53-r0) | |
| Stream | linux-lts | Vulnerable (6.12.53-r0) |
References
- https://git.kernel.org/stable/c/248ff2797ff52a8cbf86507f9583437443bf7685
- https://git.kernel.org/stable/c/6bb73db6948c2de23e407fe1b7ef94bf02b7529f
- https://git.kernel.org/stable/c/da7afb01ba05577ba3629f7f4824205550644986
- https://git.kernel.org/stable/c/dc4c854a5e7453c465fa73b153eba4ef2a240abe
- https://git.kernel.org/stable/c/df58651968f82344a0ed2afdafd20ecfc55ff548
- https://git.kernel.org/stable/c/f37e7860dc5e94c70b4a3e38a5809181310ea9ac