7

CVE-2026-52972

crypto: af_alg - Cap AEAD AD length to 0x80000000

In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Cap AEAD AD length to 0x80000000

In order to prevent arithmetic overflows when checking the TX
buffer size, cap the associated data length to 0x80000000.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
HerstellerRed Hat
Produkt Red Hat Enterprise Linux 10
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux 8
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux 9
Default Statusaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux 6
Default Statusunaffected
HerstellerRed Hat
Produkt Red Hat Enterprise Linux 7
Default Statusunaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.037
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 7 1 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/f8a5203596797f394ff3f9aa4005597a92249802
https://git.kernel.org/stable/c/a9f68d9ed38dd6e5a6c6d75b03d25c1c133e321d
https://git.kernel.org/stable/c/a4fe4eb580bbc7439f649a496d4cf38415a4021c
https://git.kernel.org/stable/c/e4c4a5074532eaaa14951994a3aad0d479aa7431
https://git.kernel.org/stable/c/265ac26d1c5e17b34d497cbda1f754a1ec8552bc
https://git.kernel.org/stable/c/a1c5672faf8e93e38c2deac3979cc767ca5cf918
https://git.kernel.org/stable/c/97948906dc8e0ea84775e03e35b60a2063c70193
https://git.kernel.org/stable/c/e4c06479d7059888adf2f22bc1ebcf053bf691a2
https://bugzilla.redhat.com/show_bug.cgi?id=2492364
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-52972.json
https://access.redhat.com/security/cve/CVE-2026-52972