PT-2025-41786 · Linux+3 · Linux Kernel+3
CVE-2025-39964
·
Publicado
2025-09-16
·
Atualizado
2026-05-26
CVSS v2.0
4.6
Média
| Vetor | AV:L/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contains an issue in the crypto/af alg module where concurrent writes to the same af alg socket can lead to data interleaving and inconsistencies in the internal socket state. This occurs because multiple write operations to the same socket are not permitted, as they can result in unpredictable data mixing and potential corruption of the socket's internal state. The issue is addressed by introducing a
ctx->write field to indicate exclusive ownership for writing.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
Linuxmint
Linux Kernel
Ubuntu