{"id":"CVE-2019-25045","details":"An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.","aliases":["A-191191823","PUB-A-191191823"],"modified":"2026-03-15T22:19:24.281726Z","published":"2021-06-07T20:15:07.800Z","related":["SUSE-SU-2021:2321-1","SUSE-SU-2021:2324-1","SUSE-SU-2021:2349-1"],"references":[{"type":"ADVISORY","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210720-0003/"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbb2483b2a46fbaf833cfb5deb5ed9cace9c7399"},{"type":"EVIDENCE","url":"https://sites.google.com/view/syzscope/warning-in-xfrm_state_fini-2"},{"type":"EVIDENCE","url":"https://syzkaller.appspot.com/bug?id=f99edaeec58ad40380ed5813d89e205861be2896"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.0.19"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-25045.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}