Skip to main content

Linux Kernel CVE-2026-45937

| EUVDEUVD-2026-32221 MEDIUM
2026-05-27 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-jfg2-jq5p-9vqw
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
5.5 MEDIUM

Local trigger only via driver detach on specific hardware; low privilege suffices; kernel panic yields high availability impact with no data exposure.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 24, 2026 - 17:25 vuln.today
CVSS changed
Jun 24, 2026 - 17:22 NVD
5.5 (MEDIUM)
Patch available
May 27, 2026 - 19:46 EUVD
CVE Published
May 27, 2026 - 14:17 nvd
MEDIUM 5.5
CVE Published
May 27, 2026 - 14:17 nvd
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

crypto: inside-secure/eip93 - fix kernel panic in driver detach

During driver detach, the same hash algorithm is unregistered multiple times due to a wrong iterator.

AnalysisAI

Kernel panic in the Linux kernel's Inside Secure EIP-93 hardware crypto driver occurs during driver detach due to a loop iterator bug that causes the same hash algorithm to be unregistered multiple times. Systems equipped with Inside Secure EIP-93 cryptographic accelerator hardware and running unpatched kernels between the introducing commit (9739f5f93b78) and the fix commits are vulnerable. A local low-privileged user who can trigger driver detach - via module unload or device removal - can crash the kernel, resulting in a full system denial of service. No public exploit exists and EPSS is 0.02% (4th percentile), indicating negligible in-the-wild activity.

Technical ContextAI

The vulnerability resides in the Inside Secure EIP-93 hardware crypto driver (drivers/crypto/inside-secure/eip93) within the Linux kernel. The EIP-93 is a cryptographic accelerator IP core used in embedded systems and networking hardware. During the driver detach/cleanup path, a defective loop iterator causes the driver to invoke the kernel crypto subsystem's algorithm deregistration function on the same hash algorithm object multiple times. The crypto subsystem cannot safely handle double-unregistration of an already-freed or invalidated algorithm entry, triggering a kernel panic. The root cause is a logic error in resource cleanup, analogous to CWE-415 (Double Free) or CWE-672 (Operation on Resource after Expiration), though no CWE has been officially assigned. The CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* covers all affected kernel versions from the introducing commit onward. Notably, the EUVD tag 'Information Disclosure' is contradicted by the CVSS vector (C:N), which confirms no confidentiality impact; the sole real-world impact is availability via kernel crash.

RemediationAI

Upgrade to a patched Linux kernel stable release: 6.18.14, 6.19.4, 7.0, or apply the backported fix for the 6.15 stable series. The three upstream stable fix commits are available at https://git.kernel.org/stable/c/7530c3595d1e23bc5938cbd44b7e8f33457fc71f, https://git.kernel.org/stable/c/91c6f25075a8f8fbd7316d73e1edf281a94f78df, and https://git.kernel.org/stable/c/b6e32ba6d32503440a3e3e16c8d0521cbb7e0c5d. As a compensating control on systems where immediate kernel upgrade is not feasible, blacklist the eip93 module by adding 'blacklist eip93' to /etc/modprobe.d/blacklist.conf and rebuilding the initramfs - this prevents the driver from loading, eliminating the vulnerable code path entirely. The trade-off is loss of hardware crypto acceleration: all cryptographic operations previously offloaded to the EIP-93 hardware will fall back to software implementations, introducing a CPU overhead and potential throughput reduction on high-traffic or crypto-intensive workloads.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Not-Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Not-Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Not-Affected

Share

CVE-2026-45937 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy