Back to search
CVE-2025-71131
Published: Jan 14, 2026
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it returns is invalid. Instead of checking req->iv against info, create a new variable unaligned_info and use it for that purpose instead.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0a270321dbf948963aeb0e8382fe17d2c2eb3771 - < 18202537856e0fae079fed2c9308780bcff2bb9daffected 0a270321dbf948963aeb0e8382fe17d2c2eb3771 - < baf0e2d1e03ddb04781dfe7f22a654d3611f69b2affected 0a270321dbf948963aeb0e8382fe17d2c2eb3771 - < 50f196d2bbaee4ab2494bb1b0d294deba292951aaffected 0a270321dbf948963aeb0e8382fe17d2c2eb3771 - < 0279978adec6f1296af66b642cce641c6580be46affected 0a270321dbf948963aeb0e8382fe17d2c2eb3771 - < ccbb96434d88e32358894c879457b33f7508e798+2 more versions |
Linux | Linux | affected 2.6.25unaffected 0 - < 2.6.25unaffected 5.10.248 - <= 5.10.*unaffected 5.15.198 - <= 5.15.*unaffected 6.1.160 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now