Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup

atmel_aes_buff_init() allocates 4 pages using __get_free_pages() with
ATMEL_AES_BUFFER_ORDER, but atmel_aes_buff_cleanup() frees only the
first page using free_page(), leaking the remaining 3 pages. Use
free_pages() with ATMEL_AES_BUFFER_ORDER to fix the memory leak.
Published: 2026-05-27
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The atmel-aes crypto driver releases only one of the four pages it allocates for its buffer, leaking three kernel pages each time the buffer is cleaned up. The flaw is a missing release of memory (CWE-401); leaked pages can accumulate until physical memory is exhausted, potentially crashing the system or causing a denial of service.
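
The mismatch between the allocation order and the release call can be modeled in user space. The following C program is an added example, not kernel or driver code: the `model_*` functions, the 64-frame pool and the order value 2 (inferred from the 4 pages in the description) are assumptions.

```c
/* User-space model only: model_* names and the pool size are hypothetical. */
#include <stdio.h>
#include <string.h>

#define POOL_FRAMES  64   /* constructed pool of page frames */
#define BUFFER_ORDER 2    /* assumed: 2^2 = 4 pages, matching the description */
static unsigned char used[POOL_FRAMES];

/* Allocate 2^order contiguous, naturally aligned frames; -1 if none are free. */
static int model_get_free_pages(unsigned order)
{
    int n = 1 << order;
    for (int base = 0; base + n <= POOL_FRAMES; base += n) {
        int busy = 0;
        for (int i = 0; i < n; i++)
            busy |= used[base + i];
        if (!busy) {
            memset(&used[base], 1, (size_t)n);
            return base;
        }
    }
    return -1;
}

/* Release 2^order frames starting at base (order 0 is what free_page() does). */
static void model_free_pages(int base, unsigned order)
{
    memset(&used[base], 0, (size_t)1 << order);
}

/* Run init/cleanup cycles. fixed=0 models the pre-fix cleanup, fixed=1 the fix.
 * Returns frames still in use afterwards, or -1 once an allocation fails. */
int frames_leaked(int cycles, int fixed)
{
    int leaked = 0;
    memset(used, 0, sizeof used);
    for (int c = 0; c < cycles; c++) {
        int buf = model_get_free_pages(BUFFER_ORDER);
        if (buf < 0) return -1;
        model_free_pages(buf, fixed ? BUFFER_ORDER : 0);
    }
    for (int i = 0; i < POOL_FRAMES; i++)
        leaked += used[i];
    return leaked;
}

int main(void)
{
    printf("pre-fix: 1 cycle -> %d, 16 -> %d, 17 -> %d; fixed: 1000 -> %d\n",
           frames_leaked(1, 0), frames_leaked(16, 0), frames_leaked(17, 0),
           frames_leaked(1000, 1));
    return 0;
}
```

In the model, each pre-fix cycle strands three frames in a block that can no longer satisfy an order-2 request, so the pool stops serving 4-page allocations while a quarter of its frames are nominally free.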

Affected Systems

The issue resides in the Linux kernel’s atmel-aes driver. No specific release range is listed, but any kernel that contains the driver code prior to the corrections in the referenced commits is susceptible.

Risk and Exploitability

The vulnerability could be exploited by local code that repeatedly calls the atmel-aes functionality, leading to progressive memory exhaustion. No CVSS score or EPSS metric is available, and the flaw is not currently listed in the CISA KEV catalog. The most likely attack vector is local execution where the kernel module is available, and the impact is limited to availability through resource depletion.

Generated by OpenCVE AI on May 27, 2026 at 18:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the atmel-aes buffer cleanup fix referenced in the advisory commits.
  • Disable or unload the atmel-aes driver, especially on systems that cannot be updated immediately, to prevent the exploitation of the memory leak.
  • Monitor system memory usage and kernel logs for abnormal growth patterns that may indicate repeated usage of the atmel-aes functionality, and take corrective action if necessary.

Advisories

No advisories yet.

History

Wed, 27 May 2026 19:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | | CWE-401 |

Wed, 27 May 2026 14:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup atmel_aes_buff_init() allocates 4 pages using __get_free_pages() with ATMEL_AES_BUFFER_ORDER, but atmel_aes_buff_cleanup() frees only the first page using free_page(), leaking the remaining 3 pages. Use free_pages() with ATMEL_AES_BUFFER_ORDER to fix the memory leak. |
| Title | | crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup |
| First Time appeared | | Linux; Linux linux Kernel |
| CPEs | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Vendors & Products | | Linux; Linux linux Kernel |
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:56:21.100Z

Reserved: 2026-05-13T15:03:33.092Z

Link: CVE-2026-46019

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-05-27T14:17:20.353

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-46019

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T18:45:39Z

Weaknesses