-

CVE-2025-71131

EPSS 0.03%
Veröffentlicht 14.01.2026 15:16:02
Zuletzt bearbeitet 19.01.2026 13:16:19
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

As soon as crypto_aead_encrypt is called, the underlying request
may be freed by an asynchronous completion.  Thus dereferencing
req->iv after it returns is invalid.

Instead of checking req->iv against info, create a new variable
unaligned_info and use it for that purpose instead.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 18202537856e0fae079fed2c9308780bcff2bb9d

Version 0a270321dbf948963aeb0e8382fe17d2c2eb3771

Status affected

Version < baf0e2d1e03ddb04781dfe7f22a654d3611f69b2

Version 0a270321dbf948963aeb0e8382fe17d2c2eb3771

Status affected

Version < 50f196d2bbaee4ab2494bb1b0d294deba292951a

Version 0a270321dbf948963aeb0e8382fe17d2c2eb3771

Status affected

Version < 0279978adec6f1296af66b642cce641c6580be46

Version 0a270321dbf948963aeb0e8382fe17d2c2eb3771

Status affected

Version < ccbb96434d88e32358894c879457b33f7508e798

Version 0a270321dbf948963aeb0e8382fe17d2c2eb3771

Status affected

Version < 5476f7f8a311236604b78fcc5b2a63b3a61b0169

Version 0a270321dbf948963aeb0e8382fe17d2c2eb3771

Status affected

Version < 50fdb78b7c0bcc550910ef69c0984e751cac72fa

Version 0a270321dbf948963aeb0e8382fe17d2c2eb3771

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.25

Status affected

Version < 2.6.25

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.4

Status unaffected

Version <= *

Version 6.19-rc4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/0279978adec6f1296af66b642cce641c6580be46

https://git.kernel.org/stable/c/50f196d2bbaee4ab2494bb1b0d294deba292951a

https://git.kernel.org/stable/c/50fdb78b7c0bcc550910ef69c0984e751cac72fa

https://git.kernel.org/stable/c/5476f7f8a311236604b78fcc5b2a63b3a61b0169

https://git.kernel.org/stable/c/ccbb96434d88e32358894c879457b33f7508e798

https://git.kernel.org/stable/c/18202537856e0fae079fed2c9308780bcff2bb9d

https://git.kernel.org/stable/c/baf0e2d1e03ddb04781dfe7f22a654d3611f69b2

https://nvd.nist.gov/vuln/detail/CVE-2025-71131

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-71131

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-71131

EUVD