[SRU][J/N/Q][PATCH 0/1] CVE-2025-40019
Ian Whitfield
ian.whitfield at canonical.com
Wed Nov 19 01:03:37 UTC 2025
[Impact]
crypto: essiv - Check ssize for decryption and in-place encryption
Move the ssize check to the start in essiv_aead_crypt so that
it's also checked for decryption and in-place encryption.
[Backport]
Patch applied cleanly.
[Fix]
Questing: cherry pick
Noble: cherry pick
Jammy: cherry pick
Focal: PR opened on Forgejo
Bionic: Not affected
Xenial: Not affected
Trusty: Not affected
[Test Case]
Compile and boot tested.
[Where problems could occur]
This fix affects ESSIV, an IV generator for fscrypt and dm-crypt, which can be
used in disk encryption. An issue with this fix would be visible to the user as
unexpected kernel behavior when encrypting or decrypting files on disk.
Herbert Xu (1):
crypto: essiv - Check ssize for decryption and in-place encryption
crypto/essiv.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list