Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

CVE-2025-40019 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2025-40019

CVE-2025-40019

UNKNOWN

crypto: essiv - Check ssize for decryption and in-place encryption

Published Oct 24, 2025

Modified 4 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: essiv - Check ssize for decryption and in-place encryption

Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.

References

https://git.kernel.org/stable/c/248ff2797ff52a8cbf86507f9583437443bf7685

https://git.kernel.org/stable/c/29294dd6f1e7acf527255fb136ffde6602c3a129

https://git.kernel.org/stable/c/6bb73db6948c2de23e407fe1b7ef94bf02b7529f

https://git.kernel.org/stable/c/71f03f8f72d9c70ffba76980e78b38c180e61589

https://git.kernel.org/stable/c/da7afb01ba05577ba3629f7f4824205550644986

https://git.kernel.org/stable/c/dc4c854a5e7453c465fa73b153eba4ef2a240abe

https://git.kernel.org/stable/c/df58651968f82344a0ed2afdafd20ecfc55ff548

https://git.kernel.org/stable/c/f37e7860dc5e94c70b4a3e38a5809181310ea9ac

https://www.cve.org/CVERecord?id=CVE-2025-40019

Ecosystems

Timeline

PublishedOct 24, 2025

ModifiedDec 1, 2025