CVE-2026-43033
HIGHcrypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place (src != dst), there is no need to save the high-order sequence bits in dst as it could simply be re-copied from the source. However, the data to be hashed need to be rearranged accordingly. Thanks,
References (10)
Core 10
Core References
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-019113.html
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Scores
CVSS v3
7.8
EPSS
0.0014
EPSS Percentile
3.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (27)
linux/Kernel
4.3.0 - 5.10.254linux
linux/Kernel
5.11.0 - 5.15.204linux
linux/Kernel
5.16.0 - 6.1.170linux
linux/Kernel
6.13.0 - 6.18.22linux
linux/Kernel
6.19.0 - 6.19.12linux
linux/Kernel
6.2.0 - 6.6.137linux
linux/Kernel
6.7.0 - 6.12.85linux
Linux/Linux
< 4.3
Linux/Linux
104880a6b470958ddc30e139c41aa4f6ed3a5234 - 153d5520c3f9fd62e71c7e7f9e34b59cf411e555
Linux/Linux
104880a6b470958ddc30e139c41aa4f6ed3a5234 - 5466e7d0cd9e4f9cef9d8f18f18b60e7bc1c77e5
... and 17 more
Published
May 01, 2026
Tracked Since
May 01, 2026