APPLIED: [SRU][J/N/Q][PATCH 0/1] CVE-2025-40019
Stefan Bader
stefan.bader at canonical.com
Tue Nov 25 15:27:43 UTC 2025
On 19/11/2025 02:03, Ian Whitfield wrote:
> [Impact]
>
> crypto: essiv - Check ssize for decryption and in-place encryption
>
> Move the ssize check to the start in essiv_aead_crypt so that
> it's also checked for decryption and in-place encryption.
>
> [Backport]
>
> Patch applied cleanly.
>
> [Fix]
>
> Questing: cherry pick
> Noble: cherry pick
> Jammy: cherry pick
> Focal: PR opened on Forgejo
> Bionic: Not affected
> Xenial: Not affected
> Trusty: Not affected
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> This fix affects ESSIV, an IV generator for fscrypt and dm-crypt, which can be
> used in disk encryption. An issue with this fix would be visible to the user as
> unexpected kernel behavior when encrypting or decrypting files on disk.
>
> Herbert Xu (1):
> crypto: essiv - Check ssize for decryption and in-place encryption
>
> crypto/essiv.c | 14 ++++++--------
> 1 file changed, 6 insertions(+), 8 deletions(-)
>
Applied to questing,noble,jammy:linux/master-next. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 48643 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20251125/cad24732/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20251125/cad24732/attachment-0001.sig>
More information about the kernel-team
mailing list