Skip to main content

Linux Kernel CVE-2026-46033

| EUVDEUVD-2026-32414 HIGH
Out-of-bounds Read (CWE-125)
2026-05-27 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-f7w2-rj2f-73q3
7.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.1 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
vuln.today AI
7.1 HIGH

Local AF_ALG access by an unprivileged user (AV:L, PR:L, AC:L); out-of-bounds read leaks kernel memory (C:H) and can crash the kernel (A:H); no integrity impact described.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
SUSE
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Red Hat
7.0 HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 16, 2026 - 19:22 vuln.today
CVSS changed
Jun 16, 2026 - 17:07 NVD
7.1 (HIGH)
Patch available
May 27, 2026 - 19:46 EUVD
CVE Published
May 27, 2026 - 14:17 nvd
HIGH 7.1
CVE Published
May 27, 2026 - 14:17 nvd
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

crypto: authencesn - reject short ahash digests during instance creation

authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequence number data at the end of the authenticated data.

While crypto_authenc_esn_setauthsize() already rejects explicit non-zero authsizes in the range 1..3, crypto_authenc_esn_create() still copied auth->digestsize into inst->alg.maxauthsize without validating it. The AEAD core then initialized the tfm's default authsize from that value.

As a result, selecting an ahash with digest size 1..3, such as cbcmac(cipher_null), exposed authencesn instances whose default authsize was invalid even though setauthsize() would have rejected the same value. AF_ALG could then trigger the ESN tail handling with a too-short tag and hit an out-of-bounds access.

Reject authencesn instances whose ahash digest size is in the invalid non-zero range 1..3 so that no tfm can inherit an unsupported default authsize.

AnalysisAI

Out-of-bounds read in the Linux kernel's crypto authencesn AEAD wrapper allows a local user with AF_ALG access to trigger memory disclosure and possible denial of service by instantiating an authencesn transform built on an ahash whose digest size is 1-3 bytes (for example cbcmac(cipher_null)). The flaw stems from crypto_authenc_esn_create() failing to validate the inner digest size, letting an invalid default authsize bypass the existing setauthsize() check. No public exploit identified at time of analysis and EPSS probability is negligible (0.02%), but the upstream fix is shipping across multiple stable trees.

Technical ContextAI

The bug lives in crypto/authencesn.c, the kernel's ESN (Extended Sequence Number) variant of the authenc AEAD template used by IPsec and exposed to userspace via AF_ALG. authencesn requires the inner authentication transform to produce either a zero-length tag or one of at least 4 bytes, because the encrypt/decrypt paths unconditionally move 4 bytes of high-order ESN sequence data at the end of the associated data. crypto_authenc_esn_setauthsize() correctly rejects explicit authsizes of 1-3, but crypto_authenc_esn_create() copied the underlying ahash's digestsize into inst->alg.maxauthsize without the same gate, letting the AEAD core seed a tfm with an invalid default authsize. Pairing the template with a short-digest hash such as cbcmac(cipher_null) (4-byte boundary not met) caused the ESN tail handling to walk past the allocated buffer, matching CWE-125 (out-of-bounds read). The fix rejects ahash digest sizes in the 1-3 range during instance creation.

RemediationAI

Vendor-released patch: upgrade to Linux 6.6.140, 6.12.86, 6.18.27, 7.0.4, or 7.1-rc2 (or later) by picking up one of the stable commits listed at https://git.kernel.org/stable/c/5db6ef9847717329f12c5ea8aba7e9f588a980c0 and its siblings (67f1f093, 9aff81e8, b42821c1, b69933e9, 2f31cd1e, 77f59fb2, d4c6a6d0); distribution rebuilds from RHEL/SUSE/Ubuntu/Debian will land via their normal kernel security updates. Until the patched kernel is deployed, restrict access to the AF_ALG interface by ensuring CONFIG_CRYPTO_USER_API_AEAD is not enabled on systems that do not need it, or block the AF_ALG socket family via seccomp/LSM (SELinux, AppArmor) for untrusted users and containers, accepting that any userspace consumer relying on AF_ALG (cryptsetup integrity, some HSM shims, fscrypt tooling, openssl-afalg engine) will fall back to library crypto. As an additional compensating control, refuse to expose the authencesn template to unprivileged namespaces by removing or not auto-loading the authencesn module on hosts that do not terminate IPsec ESN locally; trade-off is that any in-kernel IPsec ESN consumer will fail to negotiate ESN-protected SAs.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Not-Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Not-Affected

Share

CVE-2026-46033 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy