Security Advisory

CVE-2025-40236

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 15:31:26

Last updated 2026-05-11 21:45:25

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: virtio-net: zero unused hash fields When GSO tunnel is negotiated virtio_net_hdr_tnl_from_skb() tries to initialize the tunnel metadata but forget to zero unused rxhash fields. This may leak information to another side. Fixing this by zeroing the unused hash fields.

← Browse all CVEs View on cve.org ↗