CVE-2026-43077
MEDIUMcrypto: algif_aead - Fix minimum RX size check for decryption
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Fix minimum RX size check for decryption The check for the minimum receive buffer size did not take the tag size into account during decryption. Fix this by adding the required extra length.
References (8)
Core 8
Core References
Scores
CVSS v3
5.5
EPSS
0.0012
EPSS Percentile
2.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (28)
linux/Kernel
4.14.0 - 5.10.254linux
linux/Kernel
5.11.0 - 5.15.204linux
linux/Kernel
5.16.0 - 6.1.170linux
linux/Kernel
6.13.0 - 6.18.24linux
linux/Kernel
6.19.0 - 6.19.14linux
linux/Kernel
6.2.0 - 6.6.136linux
linux/Kernel
6.7.0 - 6.12.83linux
Linux/Linux
< 4.14
Linux/Linux
4.14
Linux/Linux
5.10.254 - 5.10.*
... and 18 more
Published
May 06, 2026
Tracked Since
May 06, 2026