Out-of-Bounds Write Vulnerability in Linux Kernel BPF Crypto Function
CVE-2025-39917

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-39917?

A vulnerability in the Linux kernel's BPF crypto functionality can lead to out-of-bounds (OOB) writes due to improper size validation of destination dynamic pointers before engaging with the crypto backend. Specifically, in the bpf_crypto_crypt() function, there is a risk when the destination buffer is smaller than the source buffer, potentially allowing malicious exploitation under root privileges. This issue underscores the importance of proper buffer handling to maintain system security and integrity.

Affected Version(s)

Linux 3e1c6f35409f9e447bf37f64840f5b65576bfb78 < 0126358df12d6f476f79251d9c398ac5c1b3062d

Linux 3e1c6f35409f9e447bf37f64840f5b65576bfb78

References

https://git.kernel.org/stable/c/0126358df12d6f476f79251d9...

https://git.kernel.org/stable/c/c4be24ef0510c146dca4671ef...

https://git.kernel.org/stable/c/f9bb6ffa7f5ad0f8ee0f53fc4...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Apr 16, 2025

JSON