CVE-2026-43077

MEDIUM

crypto: algif_aead - Fix minimum RX size check for decryption

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Fix minimum RX size check for decryption The check for the minimum receive buffer size did not take the tag size into account during decryption. Fix this by adding the required extra length.

Scores

CVSS v3 5.5
EPSS 0.0012
EPSS Percentile 2.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (28)
linux/Kernel 4.14.0 - 5.10.254linux
linux/Kernel 5.11.0 - 5.15.204linux
linux/Kernel 5.16.0 - 6.1.170linux
linux/Kernel 6.13.0 - 6.18.24linux
linux/Kernel 6.19.0 - 6.19.14linux
linux/Kernel 6.2.0 - 6.6.136linux
linux/Kernel 6.7.0 - 6.12.83linux
Linux/Linux < 4.14
Linux/Linux 4.14
Linux/Linux 5.10.254 - 5.10.*
... and 18 more
Published May 06, 2026
Tracked Since May 06, 2026