{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T19:59:40.498","vulnerabilities":[{"cve":{"id":"CVE-2025-40236","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-12-04T16:16:16.567","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: zero unused hash fields\n\nWhen GSO tunnel is negotiated virtio_net_hdr_tnl_from_skb() tries to\ninitialize the tunnel metadata but forget to zero unused rxhash\nfields. This may leak information to another side. Fixing this by\nzeroing the unused hash fields."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/b2284768c6b32aa224ca7d0ef0741beb434f03aa","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/b625d231c66a6041e98817ffc944bf6e4c45b2e3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}