Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: krb5enc - fix async decrypt skipping hash verification

krb5enc_dispatch_decrypt() sets req->base.complete as the skcipher
callback, which is the caller's own completion handler. When the
skcipher completes asynchronously, this signals "done" to the caller
without executing krb5enc_dispatch_decrypt_hash(), completely bypassing
the integrity verification (hash check).

Compare with the encrypt path which correctly uses
krb5enc_encrypt_done as an intermediate callback to chain into the
hash computation on async completion.

Fix by adding krb5enc_decrypt_done as an intermediate callback that
chains into krb5enc_dispatch_decrypt_hash() upon async skcipher
completion, matching the encrypt path's callback pattern.

Also fix EBUSY/EINPROGRESS handling throughout: remove
krb5enc_request_complete() which incorrectly swallowed EINPROGRESS
notifications that must be passed up to callers waiting on backlogged
requests, and add missing EBUSY checks in krb5enc_encrypt_ahash_done
for the dispatch_encrypt return value.


Unset MAY_BACKLOG on the async completion path so the user won't
see back-to-back EINPROGRESS notifications.
Published: 2026-05-01
Score: 7.0 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel’s Kerberos encryption helper (krb5enc) previously allowed an asynchronous decryption operation to skip the hash verification step. During async completion the kernel called the caller’s completion handler directly, bypassing the additional hash‑check function that would normally confirm the integrity of the decrypted data. This flaw meant that forged or tampered ciphertext could be accepted as valid, undermining the integrity guarantees of Kerberos authentication and related encrypted data exchanges.

Affected Systems

All Linux kernel releases that include the affected krb5enc path prior to the commit fixing the async decrypt hash verification are vulnerable. The CVE entry indicates that the problem resides in the kernel crypto stack for the Linux vendor’s generic kernel package, impacting every distribution that ships the default Linux kernel without the patch.

Risk and Exploitability

The vulnerability is a missing integrity check (CWE-325) and can be exercised via the Kerberos async decryption interface, which user‑space Kerberos libraries typically invoke. The CVSS score of 7.0 signals high severity, and while the EPSS score is not available and the issue is not listed in the CISA KEV catalog, the potential to subvert authentication and data integrity is significant. Attacks are likely to arise from malicious or compromised Kerberos clients or services that can provide crafted ciphertext to the kernel’s decryption helper.

Generated by OpenCVE AI on May 2, 2026 at 12:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the commit fixing the async decrypt hash verification flaw
  • Reboot the system to load the updated kernel and ensure all services use the patched crypto helpers
  • If a kernel update cannot be applied immediately, configure critical Kerberos services to perform synchronous decryption or disable usage of the asynchronous path where possible

Generated by OpenCVE AI on May 2, 2026 at 12:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 02 May 2026 11:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-357

Sat, 02 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-325
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Sat, 02 May 2026 00:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-357

Fri, 01 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5enc_dispatch_decrypt() sets req->base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this signals "done" to the caller without executing krb5enc_dispatch_decrypt_hash(), completely bypassing the integrity verification (hash check). Compare with the encrypt path which correctly uses krb5enc_encrypt_done as an intermediate callback to chain into the hash computation on async completion. Fix by adding krb5enc_decrypt_done as an intermediate callback that chains into krb5enc_dispatch_decrypt_hash() upon async skcipher completion, matching the encrypt path's callback pattern. Also fix EBUSY/EINPROGRESS handling throughout: remove krb5enc_request_complete() which incorrectly swallowed EINPROGRESS notifications that must be passed up to callers waiting on backlogged requests, and add missing EBUSY checks in krb5enc_encrypt_ahash_done for the dispatch_encrypt return value. Unset MAY_BACKLOG on the async completion path so the user won't see back-to-back EINPROGRESS notifications.
Title crypto: krb5enc - fix async decrypt skipping hash verification
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-01T13:56:13.385Z

Reserved: 2026-03-09T15:48:24.134Z

Link: CVE-2026-31719

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-01T14:16:22.077

Modified: 2026-05-01T15:24:14.893

Link: CVE-2026-31719

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-01T00:00:00Z

Links: CVE-2026-31719 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-02T12:30:27Z

Weaknesses