CVE-2025-40022

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the crypto/af alg subsystem. A change introduced by commit 1b34cbbf4f01 altered data types from bool to 1-bit bitfields of type u32. This modification caused incorrect assignments to fields named 'more' and 'merge', as values greater than 1 were being assigned, relying on C's implicit conversion to boolean. The use of 1-bit bitfields resulted in unintended behavior where 0 was assigned instead of 1 in certain cases. The issue is resolved by reverting the data type back to bool.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.