7.8

CVE-2026-43078

EPSS 0.01%
Veröffentlicht 06.05.2026 07:40:15
Zuletzt bearbeitet 08.05.2026 13:16:38
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl

In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl

When page reassignment was added to af_alg_pull_tsgl the original
loop wasn't updated so it may try to reassign one more page than
necessary.

Add the check to the reassignment so that this does not happen.

Also update the comment which still refers to the obsolete offset
argument.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version e870456d8e7c8d57c059ea479b5aadbb55ff4c3a

Version < fa48d3ea9cdbfb28c1fd6756c6c5cd01351aa51e

Status affected

Version e870456d8e7c8d57c059ea479b5aadbb55ff4c3a

Version < 2b781d1d4f933990318bcc5c68fb75a717379e42

Status affected

Version e870456d8e7c8d57c059ea479b5aadbb55ff4c3a

Version < f7826bc0b39928a4a22f6b815dd9940b22a63503

Status affected

Version e870456d8e7c8d57c059ea479b5aadbb55ff4c3a

Version < 710a4ce5d7afd9fe082c75dec282ab4a11c0fe71

Status affected

Version e870456d8e7c8d57c059ea479b5aadbb55ff4c3a

Version < c8369a6d62f5abde9cbd4b62c45bf4b996be2468

Status affected

Version e870456d8e7c8d57c059ea479b5aadbb55ff4c3a

Version < dea5fcf085f977b6c2de1b2d4ec4767b6c840d1f

Status affected

Version e870456d8e7c8d57c059ea479b5aadbb55ff4c3a

Version < 9532501e0f1b200ea80baa0e33e0b06da10bb271

Status affected

Version e870456d8e7c8d57c059ea479b5aadbb55ff4c3a

Version < 31d00156e50ecad37f2cb6cbf04aaa9a260505ef

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.14

Status affected

Version 0

Version < 4.14

Status unaffected

Version <= 5.10.*

Version 5.10.254

Status unaffected

Version <= 5.15.*

Version 5.15.204

Status unaffected

Version <= 6.1.*

Version 6.1.170

Status unaffected

Version <= 6.6.*

Version 6.6.137

Status unaffected

Version <= 6.12.*

Version 6.12.85

Status unaffected

Version <= 6.18.*

Version 6.18.24

Status unaffected

Version <= 6.19.*

Version 6.19.14

Status unaffected

Version <= *

Version 7.0

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.025

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/fa48d3ea9cdbfb28c1fd6756c6c5cd01351aa51e

https://git.kernel.org/stable/c/2b781d1d4f933990318bcc5c68fb75a717379e42

https://git.kernel.org/stable/c/f7826bc0b39928a4a22f6b815dd9940b22a63503

https://git.kernel.org/stable/c/710a4ce5d7afd9fe082c75dec282ab4a11c0fe71

https://git.kernel.org/stable/c/c8369a6d62f5abde9cbd4b62c45bf4b996be2468

https://git.kernel.org/stable/c/dea5fcf085f977b6c2de1b2d4ec4767b6c840d1f

https://git.kernel.org/stable/c/9532501e0f1b200ea80baa0e33e0b06da10bb271

https://git.kernel.org/stable/c/31d00156e50ecad37f2cb6cbf04aaa9a260505ef

https://nvd.nist.gov/vuln/detail/CVE-2026-43078

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-43078

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-43078

EUVD