VDB
CVE-2026-43077
CVE-2026-43077
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Fix minimum RX size check for decryption The check for the minimum receive buffer size did not take the tag size into account during decryption. Fix this by adding the required extra length.
EPSS 0.01% · 2.4th percentile
Risk Scores
EPSS Score
0.01%
2.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 4.14, 4.14, 4.14 |
| Linux | Linux | d887c52d6ae43aeebd249b5f2f1333e60236aa60, d887c52d6ae43aeebd249b5f2f1333e60236aa60, d887c52d6ae43aeebd249b5f2f1333e60236aa60 |
Timeline
- Apr 30, 2026 PoC Published
- May 5, 2026 CVE Published
- May 6, 2026 PoC Published
- May 6, 2026 Security Advisory
- May 7, 2026 Distribution Patch
- May 7, 2026 Security Advisory
- May 7, 2026 Distribution Patch
- May 7, 2026 Security Advisory
- May 7, 2026 Distribution Patch
- May 7, 2026 Security Advisory
- May 7, 2026 Distribution Patch
- May 7, 2026 Security Advisory
References
- https://git.kernel.org/stable/c/74a66fdb5282d89e348b00c42cfca3a936946d94 url
- https://git.kernel.org/stable/c/fd427dd84f224309afbcc2cb67c7bb770a01265c url
- https://git.kernel.org/stable/c/1c76b5675119f694458293a2a81f40731c69bd32 url
- https://git.kernel.org/stable/c/e86ab1e5661386a874fbb8551f0c04b8e9f8ad22 url
- https://git.kernel.org/stable/c/af2fa2fbbced26129813274b8b3f7705f280e174 url
- https://git.kernel.org/stable/c/78cea133daf721698876e56135049a96d39d610a url
- https://git.kernel.org/stable/c/3afdc15d6173614d7d834517d9b65e7aa5a08548 url
- https://git.kernel.org/stable/c/3d14bd48e3a77091cbce637a12c2ae31b4a1687c url
- https://nvd.nist.gov/vuln/detail/CVE-2026-43077 advisory
- https://ubuntu.com/security/notices/USN-8273-1 advisory
- https://ubuntu.com/security/notices/USN-8289-1 advisory
- https://ubuntu.com/security/notices/USN-8278-1 advisory
- https://ubuntu.com/security/notices/USN-8275-1 advisory
- https://ubuntu.com/security/notices/USN-8280-1 advisory
- https://ubuntu.com/security/notices/USN-8279-1 advisory
- https://ubuntu.com/security/notices/USN-8254-3 advisory
- https://ubuntu.com/security/notices/USN-8291-1 advisory
- https://ubuntu.com/security/notices/USN-8277-1 advisory
- https://ubuntu.com/security/notices/USN-8255-3 advisory
- https://ubuntu.com/security/notices/USN-8274-1 advisory
…and 3 more