Severity by source
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (vulncheck) · only source for this CVE.
CVSS VectorVendor: vulncheck
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodev_op() function in sys/opencrypto/cryptodev.c where the local variable iov_len is declared as a signed int but assigned from an unsigned cop->dst_len value, causing undefined behavior when cop->dst_len exceeds INT_MAX. A local attacker with access to /dev/crypto and a compression session type can exploit this vulnerability by providing a dst_len value exceeding INT_MAX to trigger a kernel panic through NULL pointer dereference when CONFIG_SVS is disabled and corrupted UIO pointer arithmetic.
AnalysisAI
Signed integer overflow in the NetBSD kernel's cryptodev subsystem (sys/opencrypto/cryptodev.c, prior to commit ec8451e) enables a local low-privileged attacker to crash the kernel via a NULL pointer dereference, causing a full denial of service. The type mismatch between a signed int local variable and an unsigned cop->dst_len source value in cryptodev_op() produces undefined behavior when dst_len exceeds INT_MAX, corrupting UIO pointer arithmetic and - when CONFIG_SVS is disabled - triggering a kernel panic. No public exploit identified at time of analysis, though a technical writeup at nasm.re documents related memory-handling issues in this subsystem.
Technical ContextAI
The vulnerability resides in the cryptodev_op() function within sys/opencrypto/cryptodev.c, which is the kernel-side handler for the /dev/crypto character device - a BSD-standard interface exposing hardware-accelerated cryptographic primitives to userspace. The root cause is CWE-190 (Integer Overflow or Wraparound): the local variable iov_len was declared as a signed int but receives its value from cop->dst_len, which is an unsigned type. When cop->dst_len exceeds INT_MAX (2,147,483,647), the assignment causes C undefined behavior - the value wraps or truncates to a negative integer. This corrupted value propagates into UIO (Unix I/O) iovec pointer arithmetic used to manage kernel I/O vectors for the crypto operation. When CONFIG_SVS is disabled in the kernel build, the corrupted iov_len ultimately produces a NULL pointer dereference, triggering a kernel panic. The fix in commit ec8451e refactors cryptodev operations into a new cryptop_data structure (cod_ctor/cod_dtor lifecycle functions) using size_t iov_len - an inherently unsigned, pointer-width type - eliminating the signed/unsigned mismatch entirely. Companion changes in crypto.c also tighten cpuid declarations from u_int to u_int32_t for related type safety. No CPE strings were provided in the available intelligence.
RemediationAI
The upstream fix is available as commit ec8451efc1565516aba9e7047e1a1a1ce7953a2f in the NetBSD source repository (https://github.com/NetBSD/src/commit/ec8451efc1565516aba9e7047e1a1a1ce7953a2f); systems running NetBSD-current should update to a snapshot dated 2026-04-29 or later. No specific patched release version number is independently confirmed from the available data - verify inclusion with the NetBSD Security Team or check for a formal NetBSD-SA advisory at netbsd.org. For systems that cannot be immediately patched, restricting permissions on the /dev/crypto device node (e.g., chmod 600 /dev/crypto, owned by root) eliminates the attack surface for unprivileged users, though this disables kernel-level cryptographic acceleration and will impact performance of IPsec, encrypted filesystems, and any application relying on opencrypto hardware offload. If compression session support is not required operationally, disabling the relevant kernel compression cipher module reduces exposure without fully removing /dev/crypto access. Enabling CONFIG_SVS in the kernel build (if the platform and configuration support it) limits the worst-case impact path from kernel panic to corrupted pointer arithmetic, but does not eliminate the underlying undefined behavior and should not be treated as a full mitigation.
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30789
GHSA-rf6w-j5hg-8rcv