CVE-2025-40063

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/10/2025
Last modified:
30/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: comp - Use same definition of context alloc and free ops

In commit 42d9f6c77479 ("crypto: acomp - Move scomp stream allocation code into acomp"), the crypto_acomp_streams struct was made to rely on having the alloc_ctx and free_ctx operations defined in the same order as the scomp_alg struct. But in that same commit, the alloc_ctx and free_ctx members of scomp_alg may be randomized by structure layout randomization, since they are contained in a pure ops structure (containing only function pointers). If the pointers within scomp_alg are randomized, but those in crypto_acomp_streams are not, then the order may no longer match. This fixes the problem by removing the union from scomp_alg so that both crypto_acomp_streams and scomp_alg will share the same definition of alloc_ctx and free_ctx, ensuring they will always have the same layout.
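The layout mismatch described above, as an added example that is not kernel code or part of the original advisory: a simplified user-space model in which two views of the same storage disagree on member order, next to the shared-definition form the fix adopts. The struct names `streams_view`, `alg_before` and `alg_after`, the tag-returning ops and the swapped member order are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model, not kernel code. Both ops share one signature so that
 * calling through the wrong slot stays well-defined C. */
enum op_tag { OP_ALLOC = 1, OP_FREE = 2 };
typedef enum op_tag (*ctx_op)(void);

static enum op_tag model_alloc(void) { return OP_ALLOC; }
static enum op_tag model_free(void)  { return OP_FREE; }

/* Consumer's view of the two ops: fixed order. */
struct streams_view { ctx_op alloc_ctx; ctx_op free_ctx; };

/* Before: the algorithm struct has its own copy of the members, overlaid on
 * the consumer's view. The swapped order is constructed; it stands in for
 * one possible outcome of layout randomization. */
struct alg_before {
    union {
        struct { ctx_op free_ctx; ctx_op alloc_ctx; };
        struct streams_view streams;
    };
};

/* After: no union, one shared definition, so only one layout exists. */
struct alg_after { struct streams_view streams; };

/* Offset comparison that a build could enforce with _Static_assert. */
int before_layouts_match(void) {
    return offsetof(struct alg_before, alloc_ctx) ==
           offsetof(struct alg_before, streams.alloc_ctx);
}

enum op_tag alloc_via_streams_before(void) {
    struct alg_before a;
    a.alloc_ctx = model_alloc;      /* driver fills the ops in by name */
    a.free_ctx  = model_free;
    return a.streams.alloc_ctx();   /* consumer reads slot 0: the free op */
}

enum op_tag alloc_via_streams_after(void) {
    struct alg_after a = { .streams = { .alloc_ctx = model_alloc,
                                        .free_ctx  = model_free } };
    return a.streams.alloc_ctx();
}

int main(void) {
    printf("before: match=%d op=%d\n", before_layouts_match(), alloc_via_streams_before());
    printf("after:  op=%d\n", alloc_via_streams_after());
    return 0;
}
```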

Impact