Decryption Vulnerability in Linux Kernel Crypto Module
CVE-2025-40019
What is CVE-2025-40019?
A vulnerability has been identified in the Linux kernel's crypto module that potentially affects the integrity of encryption methods. The issue arises from the handling of the ssize parameter during decryption and in-place encryption. Specifically, the ssize check in the essiv_aead_crypt function was not performed early enough. The fix moves the check to the start of the function, so that ssize is validated for both decryption and in-place encryption.
Affected Version(s)
Linux be1eb7f78aa8fbe34779c56c266ccd0364604e71 < 29294dd6f1e7acf527255fb136ffde6602c3a129
Linux be1eb7f78aa8fbe34779c56c266ccd0364604e71 < 71f03f8f72d9c70ffba76980e78b38c180e61589
Linux be1eb7f78aa8fbe34779c56c266ccd0364604e71