CVE-2025-39802Linux vulnerability

5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 94.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 15

Description

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit 773426f4771b ("crypto: arm/poly1305 - Add block-only interface"). This safety check is cheap and is well worth eliminating a footgun. While the Poly1305 functions should not be called when SIMD registers are unusable, if they are anyway, they should just do the right thing instead of corrupting ran

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel6.166.16.4
Debianlinux/linux_kernel< 6.16.5-1
CVEListV5linux/linux773426f4771bdd82ac5c834bf4c1775315c73a4687bdfba903be7084cb3ee04032b14a81181fe413+2
debiandebian/linux< linux 6.16.5-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2025-39802: In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the2025-09-15
GHSA
GHSA-xjw6-gqc2-j75x: In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore th2025-09-15

📋Vendor Advisories

2
Red Hat
kernel: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts2025-09-15
Debian
CVE-2025-39802: linux - In the Linux kernel, the following vulnerability has been resolved: lib/crypto:...2025
CVE-2025-39802 — Linux vulnerability | cvebase