CVE-2025-39964
Published: Oct 13, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencies in the internal socket state. Disallow this by adding a new ctx->write field that indiciates exclusive ownership for writing.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < 0f28c4adbc4a97437874c9b669fd7958a8c6d6ceaffected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < e4c1ec11132ec466f7362a95f36a506ce4dc08c9affected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < 1f323a48e9b5ebfe6dc7d130fdf5c3c0e92a07c8affected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < 7c4491b5644e3a3708f3dbd7591be0a570135b84affected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < 9aee87da5572b3a14075f501752e209801160d3d+2 more versions |
Linux | Linux | affected 2.6.38unaffected 0 - < 2.6.38unaffected 5.10.245 - <= 5.10.*unaffected 5.15.194 - <= 5.15.*unaffected 6.1.154 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now