CVE-2025-40236

NONE EPSS 5.1%
Published Dec 4, 20256mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Dec 4, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: virtio-net: zero unused hash fields When GSO tunnel is negotiated virtio_net_hdr_tnl_from_skb() tries to initialize the tunnel metadata but forget to zero unused rxhash fields. This may leak information to another side. Fixing this by zeroing the unused hash fields.

Threat Intelligence

EPSS Exploit Probability
5.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 2

  • git.kernel.org https://git.kernel.org/stable/c/b2284768c6b32aa224ca7d0ef0741beb434f03aa
  • git.kernel.org https://git.kernel.org/stable/c/b625d231c66a6041e98817ffc944bf6e4c45b2e3

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.