CVE-2025-40256
CVE-2025-40256 is a Linux kernel vulnerability in xfrm where xfrm_state_delete_tunnel was not called for states created but not inserted, causing a FB tunnel leak. The issue arises when full init_state runs but insertion fails before user state is linked, leaving a fallback tunnel on lists. Affec...