Description

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it returns is invalid. Instead of checking req->iv against info, create a new variable unaligned_info and use it for that purpose instead.

INFO

Published Date :

2026-01-14T15:07:47.194Z

Last Modified :

2026-01-19T12:20:29.700Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-71131 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-71131.

URL Resource
https://git.kernel.org/stable/c/0279978adec6f1296af66b642cce641c6580be46 cve-icon cve-icon
https://git.kernel.org/stable/c/18202537856e0fae079fed2c9308780bcff2bb9d cve-icon cve-icon
https://git.kernel.org/stable/c/50f196d2bbaee4ab2494bb1b0d294deba292951a cve-icon cve-icon
https://git.kernel.org/stable/c/50fdb78b7c0bcc550910ef69c0984e751cac72fa cve-icon cve-icon
https://git.kernel.org/stable/c/5476f7f8a311236604b78fcc5b2a63b3a61b0169 cve-icon cve-icon
https://git.kernel.org/stable/c/baf0e2d1e03ddb04781dfe7f22a654d3611f69b2 cve-icon cve-icon
https://git.kernel.org/stable/c/ccbb96434d88e32358894c879457b33f7508e798 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026011452-CVE-2025-71131-c844@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-71131 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-71131 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact