CVE-2025-40279

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: sched: act_connmark: initialize struct tc_ife to fix kernel leak<br /> <br /> In tcf_connmark_dump(), the variable &amp;#39;opt&amp;#39; was partially initialized using a<br /> designatied initializer. While the padding bytes are reamined<br /> uninitialized. nla_put() copies the entire structure into a<br /> netlink message, these uninitialized bytes leaked to userspace.<br /> <br /> Initialize the structure with memset before assigning its fields<br /> to ensure all members and padding are cleared prior to beign copied.