Description
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000.
References (11)
Core 11
Core References
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2026-52972
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2492364
Scores
CVSS v3
7.0
EPSS
0.0014
EPSS Percentile
3.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
Status
published
Products (25)
linux/Kernel
4.1.0 - 5.10.258linux
linux/Kernel
5.11.0 - 5.15.209linux
linux/Kernel
5.16.0 - 6.1.175linux
linux/Kernel
6.13.0 - 6.18.33linux
linux/Kernel
6.19.0 - 7.0.10linux
linux/Kernel
6.2.0 - 6.6.141linux
linux/Kernel
6.7.0 - 6.12.91linux
Linux/Linux
< 4.1
Linux/Linux
4.1
Linux/Linux
400c40cf78da00c16e561a3a253ca272455c42ef - 265ac26d1c5e17b34d497cbda1f754a1ec8552bc
... and 15 more
Published
Jun 24, 2026
Tracked Since
Jun 24, 2026