CVE Catalog

CVE-2025-39931

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

3th percentile - higher than 3% of all known CVEs

Summary

In the Linux kernel's crypto subsystem (af_alg), a vulnerability was found where on error in af_alg_sendmsg, the ctx->merge variable may contain a garbage value from the previous loop iteration. This can cause a system crash on the next call when it attempts an invalid merge.

Risk Assessment

The risk is a potential system crash during cryptographic operations, leading to denial of service (DoS) for applications using the af_alg interface.

Recommendation

Immediately update the Linux kernel to a version containing the fix that sets ctx->merge to zero at the start of the loop in af_alg_sendmsg.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Set merge to zero early in af_alg_sendmsg If an error causes af_alg_sendmsg to abort, ctx->merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into af_alg_sendmsg when it attempts to do a merge that can't be done. Fix this by setting ctx->merge to zero near the start of the loop.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS