PT-2025-37331 · Linux+4 · Linux Kernel+4
Published: 2025-01-01 · Updated: 2026-04-20
CVE-2025-39797
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The Linux kernel contains a flaw in the handling of Security Parameter Index (SPI) values within the XFRM framework. Specifically, the xfrm_alloc_spi() function may return success even when a requested SPI is already in use, leading to duplicate SPI assignments for inbound Security Associations (SAs). This occurs when SAs are differentiated only by their destination addresses. The resulting inconsistency during SPI lookups can cause packet processing failures and packet drops, and it violates RFC 4301 section 4.4.2, which states that a unicast SA is uniquely identified by the SPI and protocol for inbound processing. The issue is consistently reproducible with a restricted SPI range. The xfrm_spi_hash() lookup function computes a hash using the destination address, protocol, and family, potentially leading to incorrect lookups when duplicate SPIs exist with different destination addresses.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
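The duplicate-SPI condition from the description, as an added example that is not kernel code and not part of the original advisory: a user-space C model in which the allocation check also compares the destination address (an assumed simplification of the flawed behaviour), next to a check keyed on SPI and protocol only. The names `sa_table`, `count_matches`, `alloc_spi` and `duplicates_after_two_allocs`, the addresses and the SPI range are constructed for illustration.

```c
/* Added example: user-space model of inbound SPI allocation, not kernel code. */
#include <stdint.h>
#include <stdio.h>

#define MAX_SA 8
#define PROTO_ESP 50 /* IP protocol number of ESP */
struct sa { uint32_t daddr, spi; uint8_t proto; };
struct sa_table { struct sa e[MAX_SA]; int n; };

/* Count SAs matching k on (spi, proto), and on daddr too when with_daddr is set. */
int count_matches(const struct sa_table *t, struct sa k, int with_daddr)
{
    int hits = 0;
    for (int i = 0; i < t->n; i++)
        hits += t->e[i].spi == k.spi && t->e[i].proto == k.proto &&
                (!with_daddr || t->e[i].daddr == k.daddr);
    return hits;
}

/* Record and return the first free SPI in [lo, hi], or 0 if none. strict=0 also
 * compares daddr (assumed model of the flaw); strict=1 keys on (spi, proto). */
uint32_t alloc_spi(struct sa_table *t, uint32_t daddr, uint8_t proto,
                   uint32_t lo, uint32_t hi, int strict)
{
    for (uint32_t spi = lo; t->n < MAX_SA && spi && spi >= lo && spi <= hi; spi++) {
        struct sa k = { daddr, spi, proto };
        if (count_matches(t, k, !strict) == 0) {
            t->e[t->n++] = k;
            return spi;
        }
    }
    return 0;
}

/* Constructed scenario: peers 192.0.2.1 and .2, SPI range of one value. */
int duplicates_after_two_allocs(int strict)
{
    struct sa_table t = {0};
    struct sa pkt = { 0, 0x1000, PROTO_ESP }; /* inbound lookup ignores daddr */
    for (uint32_t d = 0xC0000201; d <= 0xC0000202; d++)
        alloc_spi(&t, d, PROTO_ESP, 0x1000, 0x1000, strict);
    return count_matches(&t, pkt, 0);
}

int main(void)
{
    printf("SAs matching SPI 0x1000: flawed=%d strict=%d\n",
           duplicates_after_two_allocs(0), duplicates_after_two_allocs(1));
    return 0;
}
```

With the destination-aware check both allocations succeed and an inbound lookup on SPI and protocol matches two SAs; with the strict check the second allocation fails and the SPI stays unique.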
Affected Products
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu