CVE-2025-40019

Linux Kernel - Crypto Vuln

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: essiv - Check ssize for decryption and in-place encryption

Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.

Exploits (3)

nomisec WORKING POC 1 stars
by guard-wait · poc
https://github.com/guard-wait/CVE-2025-40019_POC
nomisec WORKING POC
by xooxo · poc
https://github.com/xooxo/CVE-2025-40019-Essiv
nomisec WORKING POC
by 0xAtharv · poc
https://github.com/0xAtharv/CVE-2025-40019-POC

Scores

EPSS 0.0003
EPSS Percentile 7.0%

Details

Status published
Products (25)
linux/Kernel 5.11.0 - 5.15.195 (linux)
linux/Kernel 5.16.0 - 6.1.157 (linux)
linux/Kernel 5.4.0 - 5.4.301 (linux)
linux/Kernel 5.5.0 - 5.10.246 (linux)
linux/Kernel 6.13.0 - 6.17.4 (linux)
linux/Kernel 6.2.0 - 6.6.113 (linux)
linux/Kernel 6.7.0 - 6.12.54 (linux)
Linux/Linux < 5.4
Linux/Linux 5.10.246 - 5.10.*
Linux/Linux 5.15.195 - 5.15.*
... and 15 more
Published Oct 24, 2025
Tracked Since Feb 18, 2026