3 matches found
CVE-2025-40256
CVE-2025-40256 is a Linux kernel vulnerability in xfrm where xfrm_state_delete_tunnel was not called for states created but not inserted, causing a FB tunnel leak. The issue arises when full init_state runs but insertion fails before user state is linked, leaving a fallback tunnel on lists. Affec...
CVE-2025-40256
In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added In commit b441cf3f8c4b "xfrm: delete x-tunnel as we delete x", I missed the case where state creation fails between full initialization...
Linux Distros Unpatched Vulnerability : CVE-2025-40256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added In commit b441cf3f8c4b xfrm: delete x-tunnel as we delete x, I missed the...