CVE-2025-40019 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

crypto: essiv - Check ssize for decryption and in-place encryption

Move the ssize check to the start in essiv_aead_crypt so that
it's also checked for decryption and in-place encryption.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00014.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/248ff2797ff52a8cbf86507f9583437443bf7685
https://git.kernel.org/stable/c/6bb73db6948c2de23e407fe1b7ef94bf02b7529f
https://git.kernel.org/stable/c/da7afb01ba05577ba3629f7f4824205550644986
https://git.kernel.org/stable/c/dc4c854a5e7453c465fa73b153eba4ef2a240abe
https://git.kernel.org/stable/c/df58651968f82344a0ed2afdafd20ecfc55ff548
https://git.kernel.org/stable/c/f37e7860dc5e94c70b4a3e38a5809181310ea9ac

History

Fri, 24 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.
Title		crypto: essiv - Check ssize for decryption and in-place encryption
References		https://git.kernel.org/stable/c/248ff2797ff52a8cbf86507f9583437443bf7685 https://git.kernel.org/stable/c/6bb73db6948c2de23e407fe1b7ef94bf02b7529f https://git.kernel.org/stable/c/da7afb01ba05577ba3629f7f4824205550644986 https://git.kernel.org/stable/c/dc4c854a5e7453c465fa73b153eba4ef2a240abe https://git.kernel.org/stable/c/df58651968f82344a0ed2afdafd20ecfc55ff548 https://git.kernel.org/stable/c/f37e7860dc5e94c70b4a3e38a5809181310ea9ac

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-24T11:44:29.864Z

Updated: 2025-10-24T11:44:29.864Z

Reserved: 2025-04-16T07:20:57.152Z

Link: CVE-2025-40019

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-24T12:15:37.820

Modified: 2025-10-24T12:15:37.820

Link: CVE-2025-40019

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-40019", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.152Z", "datePublished": "2025-10-24T11:44:29.864Z", "dateUpdated": "2025-10-24T11:44:29.864Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-24T11:44:29.864Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: essiv - Check ssize for decryption and in-place encryption\n\nMove the ssize check to the start in essiv_aead_crypt so that\nit's also checked for decryption and in-place encryption."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["crypto/essiv.c"], "versions": [{"version": "be1eb7f78aa8fbe34779c56c266ccd0364604e71", "lessThan": "df58651968f82344a0ed2afdafd20ecfc55ff548", "status": "affected", "versionType": "git"}, {"version": "be1eb7f78aa8fbe34779c56c266ccd0364604e71", "lessThan": "248ff2797ff52a8cbf86507f9583437443bf7685", "status": "affected", "versionType": "git"}, {"version": "be1eb7f78aa8fbe34779c56c266ccd0364604e71", "lessThan": "f37e7860dc5e94c70b4a3e38a5809181310ea9ac", "status": "affected", "versionType": "git"}, {"version": "be1eb7f78aa8fbe34779c56c266ccd0364604e71", "lessThan": "dc4c854a5e7453c465fa73b153eba4ef2a240abe", "status": "affected", "versionType": "git"}, {"version": "be1eb7f78aa8fbe34779c56c266ccd0364604e71", "lessThan": "da7afb01ba05577ba3629f7f4824205550644986", "status": "affected", "versionType": "git"}, {"version": "be1eb7f78aa8fbe34779c56c266ccd0364604e71", "lessThan": "6bb73db6948c2de23e407fe1b7ef94bf02b7529f", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["crypto/essiv.c"], "versions": [{"version": "5.4", "status": "affected"}, {"version": "0", "lessThan": "5.4", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.195", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.157", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.113", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.54", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.4", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "5.15.195"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "6.1.157"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "6.6.113"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "6.12.54"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "6.17.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "6.18-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/df58651968f82344a0ed2afdafd20ecfc55ff548"}, {"url": "https://git.kernel.org/stable/c/248ff2797ff52a8cbf86507f9583437443bf7685"}, {"url": "https://git.kernel.org/stable/c/f37e7860dc5e94c70b4a3e38a5809181310ea9ac"}, {"url": "https://git.kernel.org/stable/c/dc4c854a5e7453c465fa73b153eba4ef2a240abe"}, {"url": "https://git.kernel.org/stable/c/da7afb01ba05577ba3629f7f4824205550644986"}, {"url": "https://git.kernel.org/stable/c/6bb73db6948c2de23e407fe1b7ef94bf02b7529f"}], "title": "crypto: essiv - Check ssize for decryption and in-place encryption", "x_generator": {"engine": "bippy-1.2.0"}}}}