Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak In tcf_connmark_dump(), the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nla_put() copies the entire structure into a netlink message, these uninitialized bytes leaked to userspace. Initialize the structure with memset before assigning its fields to ensure all members and padding are cleared prior to beign copied.
References
- https://git.kernel.org/stable/c/218b67c8c8246d47a2a7910eae80abe4861fe2b7
- https://git.kernel.org/stable/c/25837889ec062f2b7618142cd80253dff3da5343
- https://git.kernel.org/stable/c/31e4aa93e2e5b5647fc235b0f6ee329646878f9e
- https://git.kernel.org/stable/c/51cb05d4fd632596816ba44e882e84db9fb28a7e
- https://git.kernel.org/stable/c/62b656e43eaeae445a39cd8021a4f47065af4389
- https://git.kernel.org/stable/c/73cc56c608c209d3d666cc571293b090a471da70
FAQ
What is CVE-2025-40279?
CVE-2025-40279 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak In tcf_connmark_dump(), the variable 'opt' was partially ini...
How severe is CVE-2025-40279?
CVSS scoring is not yet available for CVE-2025-40279. Check NVD for updates.
Is there a patch for CVE-2025-40279?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.