Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - snapshot IV for async AEAD requests

AF_ALG AEAD AIO requests currently use the socket-wide IV buffer during
request processing. For async requests, later socket activity can
update that shared state before the original request has fully
completed, which can lead to inconsistent IV handling.

Snapshot the IV into per-request storage when preparing the AEAD
request, so in-flight operations no longer depend on mutable socket
state.
Published: 2026-05-27
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability originates from the Linux kernel cryptographic subsystem handling asynchronous AEAD requests. The implementation currently relies on a shared socket‑wide IV buffer. While a request is in‑flight, other socket activity can overwrite that buffer, causing the original request to use an incorrect or stale IV. This race condition can lead to improper encryption or decryption, resulting in data corruption, loss of confidentiality, or loss of integrity for the affected data streams. The flaw is a race condition and can cause buffer overwrites due to concurrency (CWE‑367).

Affected Systems

All installations of the generic Linux kernel that have not been updated with the fix are affected. The flaw exists in the kernel’s AF_ALG AEAD async module and is not limited to a specific release; any current or future kernel running the unpatched subsystem is vulnerable.

Risk and Exploitability

The CVSS score of 7.0 indicates a high severity, and the EPSS score is not available. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires the ability to introduce or manipulate asynchronous AEAD operations on the target system, typically implying local or privileged access. The likely attack vector is local or privileged execution to initiate async AEAD requests. Once the race condition is triggered, the resulting incorrect IV can cause decryption failures or leakage of plaintext, thereby compromising the integrity and confidentiality of any encrypted data processed by the kernel.

Generated by OpenCVE AI on May 28, 2026 at 05:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the IV‑snapshot fix, which addresses the race condition and inconsistent processing (CWE‑367).
  • If a kernel upgrade is not immediately possible, disable or restrict asynchronous AEAD AIO requests on the system (e.g., unload the AF_ALG AEAD module or deny AIO socket operations) to eliminate the shared IV state.
  • Enable audit logging for crypto operations and monitor kernel logs for anomalous encryption/decryption errors that may indicate IV misuse.

Generated by OpenCVE AI on May 28, 2026 at 05:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4606-1 linux security update
Ubuntu USN Ubuntu USN USN-8350-1 Linux kernel (NVIDIA Tegra) vulnerabilities
Ubuntu USN Ubuntu USN USN-8351-1 Linux kernel (Low Latency) vulnerabilities
Ubuntu USN Ubuntu USN USN-8374-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8426-1 Linux kernel (Azure) vulnerabilities
History

Tue, 16 Jun 2026 16:00:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
Metrics cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Thu, 28 May 2026 04:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1344
CWE-362

Thu, 28 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-367
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Wed, 27 May 2026 21:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1344
CWE-362

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - snapshot IV for async AEAD requests AF_ALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the original request has fully completed, which can lead to inconsistent IV handling. Snapshot the IV into per-request storage when preparing the AEAD request, so in-flight operations no longer depend on mutable socket state.
Title crypto: algif_aead - snapshot IV for async AEAD requests
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-14T17:49:01.589Z

Reserved: 2026-05-13T15:03:33.093Z

Link: CVE-2026-46028

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-05-27T14:17:21.420

Modified: 2026-06-16T15:54:18.680

Link: CVE-2026-46028

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-46028 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T05:30:06Z

Weaknesses