Description
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_mapping() struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structure before setting individual variables.
References (8)
Core 8
Core References
Scores
CVSS v3
5.5
EPSS
0.0012
EPSS Percentile
2.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-401
Status
published
Products (27)
linux/Kernel
2.6.29 - 5.10.258linux
linux/Kernel
5.11.0 - 5.15.209linux
linux/Kernel
5.16.0 - 6.1.175linux
linux/Kernel
6.13.0 - 6.18.24linux
linux/Kernel
6.19.0 - 6.19.14linux
linux/Kernel
6.2.0 - 6.6.136linux
linux/Kernel
6.7.0 - 6.12.83linux
Linux/Linux
< 2.6.29
Linux/Linux
2.6.29
Linux/Linux
3a2dfbe8acb154905fdc2fd03ec56df42e6c4cc4 - 1beb76b2053b68c491b78370794b8ff63c8f8c02
... and 17 more
Published
May 06, 2026
Tracked Since
May 06, 2026