VYPR
Unrated severityNVD Advisory· Published Nov 12, 2025· Updated Apr 15, 2026

CVE-2025-40176

CVE-2025-40176

Description

In the Linux kernel, the following vulnerability has been resolved:

tls: wait for pending async decryptions if tls_strp_msg_hold fails

Async decryption calls tls_strp_msg_hold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with async decryption can lead to various issues (UAF on the skb, writing into userspace memory after the recv() call has returned).

In this case, wait for all pending decryption requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

188

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.