Skip to main content

Linux Kernel CVE-2026-45854

| EUVDEUVD-2026-32320 MEDIUM
2026-05-27 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-835x-cv3m-5wj5
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
5.5 MEDIUM

Local driver teardown requires low-privilege access; kernel panic yields full availability loss with zero confidentiality or integrity impact.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 25, 2026 - 23:31 vuln.today
CVSS changed
Jun 25, 2026 - 21:22 NVD
5.5 (MEDIUM)
Patch available
May 27, 2026 - 19:46 EUVD
CVE Published
May 27, 2026 - 14:16 nvd
MEDIUM 5.5
CVE Published
May 27, 2026 - 14:16 nvd
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

crypto: inside-secure/eip93 - unregister only available algorithm

EIP93 has an options register. This register indicates which crypto algorithms are implemented in silicon. Supported algorithms are registered on this basis. Unregister algorithms on the same basis. Currently, all algorithms are unregistered, even those not supported by HW. This results in panic on platforms that don't have all options implemented in silicon.

AnalysisAI

Kernel panic in the Linux inside-secure/eip93 hardware crypto driver occurs when the driver teardown routine unconditionally unregisters all cryptographic algorithms, including those never registered because the underlying EIP93 silicon does not implement them. Platforms with partial EIP93 silicon support - where only a subset of algorithms are burned into hardware - trigger the panic during module removal or system shutdown. No public exploit exists and EPSS sits at the 4th percentile (0.02%), indicating this is primarily a stability defect with negligible exploitation interest rather than a targeted attack surface.

Technical ContextAI

Inside Secure EIP93 is a hardware cryptographic accelerator embedded in certain SoCs (notably MediaTek MT7621 used in home routers and embedded networking devices). The device exposes an options register that indicates which cryptographic primitives are available in silicon - not all EIP93 instances implement the full algorithm suite. The Linux kernel driver (drivers/crypto/inside-secure/eip93) reads this register at probe time and registers only supported algorithms with the kernel crypto API. The defect (CWE not assigned) is a lifecycle mismatch: initialization correctly gates registration on hardware capability, but the cleanup path unconditionally deregisters all possible algorithms. Attempting to unregister a crypto algorithm that was never registered triggers a kernel panic, likely a NULL pointer dereference or an invalid list operation. Affected CPE is cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* across versions prior to the fix commits.

RemediationAI

Upstream fix available via kernel stable tree commits; released patched versions confirmed as Linux 6.18.14, 6.19.4, and 7.0 per EUVD data. Administrators running affected embedded platforms (e.g., MediaTek MT7621-based devices) should apply the appropriate stable-tree update or cherry-pick the relevant fix commit for their kernel version from https://git.kernel.org/stable/c/4c1c5a1d720fdacea060e106c7dd79417243d121. If patching is not immediately possible, a compensating control is to prevent runtime unloading of the eip93 module by adding it to /etc/modules or marking it non-removable; this avoids the teardown path during normal operation, though the panic can still occur at shutdown. The trade-off is that this workaround does not eliminate the crash on power-off. No vendor advisory URL beyond the kernel stable git tree is available at time of analysis.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Not-Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Not-Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Not-Affected

Share

CVE-2026-45854 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy