CVE-2025-71231

EUVD-2025-207667
In the Linux kernel, the following vulnerability has been resolved:

crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode

The local variable 'i' is initialized with -EINVAL, but the for loop
immediately overwrites it and -EINVAL is never returned.

If no empty compression mode can be found, the function would return the
out-of-bounds index IAA_COMP_MODES_MAX, which would cause an invalid
array access in add_iaa_compression_mode().

Fix both issues by returning either a valid index or -EINVAL.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.8 ≤
𝑥
< 6.12.72
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.11
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.159-1
fixed
bookworm (security)
6.1.164-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.251-1
fixed
forky
6.19.10-1
fixed
sid
6.19.11-1
fixed
trixie
6.12.73-1
fixed
trixie (security)
6.12.74-2
fixed
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/48329301969f6d21b2ef35f678e40f72b59eac94
https://git.kernel.org/stable/c/c77b33b58512708bd5603f48465f018c8b748847
https://git.kernel.org/stable/c/d75207465eed20bc9b0daa4a0927de9568996067
https://git.kernel.org/stable/c/de16f5bca05cace238d237791ed1b6e9d22dab60