{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-71231","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-02-18T14:25:13.845Z","datePublished":"2026-02-18T14:53:15.668Z","dateUpdated":"2026-05-11T21:56:52.247Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:56:52.247Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode\n\nThe local variable 'i' is initialized with -EINVAL, but the for loop\nimmediately overwrites it and -EINVAL is never returned.\n\nIf no empty compression mode can be found, the function would return the\nout-of-bounds index IAA_COMP_MODES_MAX, which would cause an invalid\narray access in add_iaa_compression_mode().\n\nFix both issues by returning either a valid index or -EINVAL."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/crypto/intel/iaa/iaa_crypto_main.c"],"versions":[{"version":"b190447e0fa3ef7355480d641d078962e03768b4","lessThan":"c77b33b58512708bd5603f48465f018c8b748847","status":"affected","versionType":"git"},{"version":"b190447e0fa3ef7355480d641d078962e03768b4","lessThan":"d75207465eed20bc9b0daa4a0927de9568996067","status":"affected","versionType":"git"},{"version":"b190447e0fa3ef7355480d641d078962e03768b4","lessThan":"de16f5bca05cace238d237791ed1b6e9d22dab60","status":"affected","versionType":"git"},{"version":"b190447e0fa3ef7355480d641d078962e03768b4","lessThan":"48329301969f6d21b2ef35f678e40f72b59eac94","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/crypto/intel/iaa/iaa_crypto_main.c"],"versions":[{"version":"6.8","status":"affected"},{"version":"0","lessThan":"6.8","status":"unaffected","versionType":"semver"},{"version":"6.12.72","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.11","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19.1","lessThanOrEqual":"6.19.*","status":"unaffected","versionType":"semver"},{"version":"7.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.12.72"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.18.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.19.1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"7.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/c77b33b58512708bd5603f48465f018c8b748847"},{"url":"https://git.kernel.org/stable/c/d75207465eed20bc9b0daa4a0927de9568996067"},{"url":"https://git.kernel.org/stable/c/de16f5bca05cace238d237791ed1b6e9d22dab60"},{"url":"https://git.kernel.org/stable/c/48329301969f6d21b2ef35f678e40f72b59eac94"}],"title":"crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode","x_generator":{"engine":"bippy-1.2.0"}}}}