CVE-2025-71131
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, a vulnerability in the seqiv module was found where req->iv is dereferenced after crypto_aead_encrypt returns. Since the underlying request may be freed by an asynchronous completion, this leads to use-after-free.
Risk Assessment
The risk involves potential data integrity violation or arbitrary code execution due to accessing freed memory, which could allow an attacker to escalate privileges or destabilize the system.
Recommendation
It is recommended to immediately update the Linux kernel to a version containing the fix that replaces the reference to req->iv with a new variable unaligned_info.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it returns is invalid. Instead of checking req->iv against info, create a new variable unaligned_info and use it for that purpose instead.

