PT-2025-49086 · Linux+2 · Linux Kernel+2

Published

2025-10-21

·

Updated

2026-03-24

·

CVE-2025-40256

CVSS v2.0

5.2

Medium

VectorAV:A/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw exists in the Linux kernel’s xfrm subsystem where the xfrm state delete tunnel function is not consistently called for states that were initialized but never fully added. This can lead to memory leaks of fallback tunnels, particularly in scenarios involving state creation failures during initialization or migration. The issue stems from missing calls to xfrm state delete tunnel during state destruction, specifically when states fail to be inserted onto lists after partial initialization. This affects add, update, and migrate code paths within the net/key and xfrm components. The vulnerability is addressed by calling xfrm state delete tunnel during xfrm state gc destroy.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-665

Related Identifiers

BDU:2026-01367
CVE-2025-40256
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0263-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0316-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:0350-1
SUSE-SU-2026:0369-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1

Affected Products

Linuxmint
Linux Kernel
Ubuntu