Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-70028.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-70028
Published
2025-11-12T11:15:48Z
Modified
2026-04-01T05:21:40.620896Z
Summary
CVE-2025-40176 affecting package kernel for versions less than 6.6.117.1-1
Details

In the Linux kernel, the following vulnerability has been resolved:

tls: wait for pending async decryptions if tls_strp_msg_hold fails

Async decryption calls tls_strp_msg_hold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with async decryption can lead to various issues (UAF on the skb, writing into userspace memory after the recv() call has returned).

In this case, wait for all pending decryption requests.

Affected packages

Azure Linux:3 / kernel

Package

Name
kernel
Purl
pkg:rpm/azure-linux/kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.6.117.1-1

Database specific

source
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-70028.json"