
CVE-2025-39964

In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg

Issuing two writes to the same af_alg socket is bogus as the
data will be interleaved in an unpredictable fashion.  Furthermore,
concurrent writes may create inconsistencies in the internal
socket state.

Disallow this by adding a new ctx->write field that indicates
exclusive ownership for writing.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

| Version bound | Version | Status |
|---|---|---|
| < 0f28c4adbc4a97437874c9b669fd7958a8c6d6ce | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 | affected |
| < e4c1ec11132ec466f7362a95f36a506ce4dc08c9 | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 | affected |
| < 1f323a48e9b5ebfe6dc7d130fdf5c3c0e92a07c8 | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 | affected |
| < 7c4491b5644e3a3708f3dbd7591be0a570135b84 | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 | affected |
| < 9aee87da5572b3a14075f501752e209801160d3d | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 | affected |
| < 45bcf60fe49b37daab1acee57b27211ad1574042 | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 | affected |
| < 1b34cbbf4f011a121ef7b2d7d6e6920a036d5285 | 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 | affected |

Vendor: Linux
Product: Linux
Default status: affected

| Version bound | Version | Status |
|---|---|---|
| | 2.6.38 | affected |
| < 2.6.38 | 0 | unaffected |
| <= 5.10.* | 5.10.245 | unaffected |
| <= 5.15.* | 5.15.194 | unaffected |
| <= 6.1.* | 6.1.154 | unaffected |
| <= 6.6.* | 6.6.108 | unaffected |
| <= 6.12.* | 6.12.49 | unaffected |
| <= 6.16.* | 6.16.9 | unaffected |
| <= * | 6.17 | unaffected |

No CISA KEV or CERT.AT warning was found for this CVE.

EPSS Metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.156 |

CVSS Metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|