We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-38079

crypto: algif_hash - fix double free in hash_accept



Description

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_release, leading to slab-use-after-free error.

Reserved 2025-04-16 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status
unaffected

fe869cdb89c95d060c77eea20204d6c91f233b53 before 5bff312b59b3f2a54ff504e4f4e47272b64f3633
affected

fe869cdb89c95d060c77eea20204d6c91f233b53 before bf7bba75b91539e93615f560893a599c1e1c98bf
affected

fe869cdb89c95d060c77eea20204d6c91f233b53 before c3059d58f79fdfb2201249c2741514e34562b547
affected

fe869cdb89c95d060c77eea20204d6c91f233b53 before f0f3d09f53534ea385d55ced408f2b67059b16e4
affected

fe869cdb89c95d060c77eea20204d6c91f233b53 before 134daaba93193df9e988524b5cd2f52d15eb1993
affected

fe869cdb89c95d060c77eea20204d6c91f233b53 before 2f45a8d64fb4ed4830a4b3273834ecd6ca504896
affected

fe869cdb89c95d060c77eea20204d6c91f233b53 before 0346f4b742345d1c733c977f3a7aef5a6419a967
affected

fe869cdb89c95d060c77eea20204d6c91f233b53 before b2df03ed4052e97126267e8c13ad4204ea6ba9b6
affected

Default status
affected

2.6.38
affected

Any version before 2.6.38
unaffected

5.4.294
unaffected

5.10.238
unaffected

5.15.185
unaffected

6.1.141
unaffected

6.6.93
unaffected

6.12.31
unaffected

6.14.9
unaffected

6.15
unaffected

References

git.kernel.org/...c/5bff312b59b3f2a54ff504e4f4e47272b64f3633

git.kernel.org/...c/bf7bba75b91539e93615f560893a599c1e1c98bf

git.kernel.org/...c/c3059d58f79fdfb2201249c2741514e34562b547

git.kernel.org/...c/f0f3d09f53534ea385d55ced408f2b67059b16e4

git.kernel.org/...c/134daaba93193df9e988524b5cd2f52d15eb1993

git.kernel.org/...c/2f45a8d64fb4ed4830a4b3273834ecd6ca504896

git.kernel.org/...c/0346f4b742345d1c733c977f3a7aef5a6419a967

git.kernel.org/...c/b2df03ed4052e97126267e8c13ad4204ea6ba9b6

cve.org (CVE-2025-38079)

nvd.nist.gov (CVE-2025-38079)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-38079

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.