CVE-2025-40363

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue in the IPv6 implementation related to Address Header (AH) output processing. Specifically, the ah6 output() and ah6 output done() functions exhibit field-spanning memory copy warnings when handling extension headers copied to and from IPv6 address fields. This occurs due to the copying of data exceeding the 16-byte address field size, triggering warnings about potential writes beyond the allocated memory. The warnings are identified as false positives because extension headers are intentionally positioned after the IPv6 header in memory. The issue is addressed by correctly copying addresses and extension headers separately, and by introducing helper functions to reduce code duplication. The vulnerable code is located at net/ipv6/ah6.c:439 within the ah6 output() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.