PT-2025-43614 · Linux+4 · Linux Kernel+4

Published

2025-10-24

·

Updated

2026-05-26

·

CVE-2025-40019

CVSS v2.0

5.2

Medium

VectorAV:L/AC:L/Au:S/C:N/I:P/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains an issue within the crypto/essiv module. A missing size check (ssize) during decryption and in-place encryption could potentially lead to problems. The fix involves moving the ssize check to the beginning of the essiv aead crypt function to ensure it is performed for both decryption and in-place encryption operations.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

AZL-68766
BDU:2026-01277
CVE-2025-40019
DLA-4379-1
DLA-4404-1
DSA-6053-1
ECHO-DFE5-3CD6-4380
MGASA-2025-0309
MGASA-2025-0310
OESA-2025-2551
OESA-2025-2552
OESA-2025-2556
OESA-2025-2764
OESA-2025-2769
OPENSUSE-SU-2025:15702-1
OPENSUSE-SU-2025:20091-1
OPENSUSE-SU-2026:10301-1
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:21080-1
SUSE-SU-2025:21147-1
SUSE-SU-2025:21180-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4128-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4301-1
SUSE-SU-2026:0263-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:0350-1
SUSE-SU-2026:0369-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0617-1
USN-7990-1
USN-7990-2
USN-7990-3
USN-7990-4
USN-7990-5
USN-7990-6
USN-8013-1
USN-8013-2
USN-8013-3
USN-8013-4
USN-8014-1
USN-8015-1
USN-8015-2
USN-8015-3
USN-8015-4
USN-8015-5
USN-8016-1
USN-8052-1
USN-8074-1
USN-8074-2
USN-8126-1
USN-8224-1

Affected Products

Debian
Linuxmint
Linux Kernel
Suse
Ubuntu