Description
In the Linux kernel, the following vulnerability has been resolved:

xfrm: ah: account for ESN high bits in async callbacks

AH allocates its temporary auth/ICV layout differently when ESN is enabled:
the async ahash setup appends a 4-byte seqhi slot before the ICV or
auth_data area, but the async completion callbacks still reconstruct the
temporary layout as if seqhi were absent.

With an async AH implementation selected, that makes AH copy or compare
the wrong bytes on both the IPv4 and IPv6 paths. In UML repro on IPv4 AH
with ESN and forced async hmac(sha1), ping fails with 100% packet loss,
and the callback logs show the pre-fix drift:

ah4 output_done: esn=1 err=0 icv_off=20 expected_off=24
ah4 input_done: esn=1 auth_off=20 expected_auth_off=24 icv_off=32 expected_icv_off=36

Reconstruct the callback-side layout the same way the setup path built it
by skipping the ESN seqhi slot before locating the saved auth_data or ICV.
Per RFC 4302, the ESN high-order 32 bits participate in the AH ICV
computation, so the async callbacks must account for the seqhi slot.

Post-fix, the same IPv4 AH+ESN+forced-async-hmac(sha1) UML repro shows
the corrected offset (ah4 output_done: esn=1 err=0 icv_off=24
expected_off=24) and ping succeeds; net/ipv4/ah4.o and net/ipv6/ah6.o
build clean at W=1. IPv6 AH+ESN was not exercised at runtime, and the
change has not been tested against a real async hardware AH engine.
Published: 2026-05-28
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

In the Linux kernel, the Authentication Header (AH) implementation incorrectly handled the Extended Sequence Number (ESN) when operating asynchronously. The setup path inserted a 4‑byte seqhi slot but completion callbacks rebuilt the layout without accounting for it, causing the header to read or compare wrong bytes. This mismatch prevents the AH integrity check from succeeding, resulting in dropped packets and effectively denial of service on IPv4 traffic that uses AH+ESN. The issue was demonstrated on an IPv4 UML setup with forced async hmac(sha1). While the same code path exists for IPv6, the CVE description notes that IPv6 AH+ESN was not exercised at runtime and has not been tested against real async hardware, so IPv6 impact is inferred but not confirmed.

Affected Systems

All systems running Linux kernel versions that enable asynchronous AH processing with ESN are affected. The patch addresses both net/ipv4/ah4.o and net/ipv6/ah6.o. Specific affected versions are not enumerated in the report, so any kernel that implements AH+ESN asynchronously and has not incorporated this fix is vulnerable.

Risk and Exploitability

The vulnerability is network‑based and requires the ability to send crafted AH packets with ESN to a target, which most systems can do over the public Internet or internal network. Based on the description, it is inferred that the attacker would need to send these packets in order to trigger packet loss. An attacker could force packet loss, disrupting connectivity without any authentication or privilege escalation. The CVSS score is 5.5, reflecting a medium severity. The EPSS score is < 1%, indicating a very low likelihood of exploitation, and the CVE is not listed in the CISA KEV catalog. Given that the failure is tied to kernel packet processing, the impact is high for systems where AH+ESN is routinely used.

Generated by OpenCVE AI on June 10, 2026 at 20:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Linux kernel patch that fixes the AH ESN handling bug
  • If immediate kernel upgrade is not possible, temporarily disable asynchronous AH processing or ESN for AH traffic to avoid the bug
  • Restart the networking stack or reboot the system to ensure the updated modules are loaded

Generated by OpenCVE AI on June 10, 2026 at 20:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 10 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Fri, 29 May 2026 05:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-406
CWE-760

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-823
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Thu, 28 May 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-406
CWE-760

Thu, 28 May 2026 10:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or auth_data area, but the async completion callbacks still reconstruct the temporary layout as if seqhi were absent. With an async AH implementation selected, that makes AH copy or compare the wrong bytes on both the IPv4 and IPv6 paths. In UML repro on IPv4 AH with ESN and forced async hmac(sha1), ping fails with 100% packet loss, and the callback logs show the pre-fix drift: ah4 output_done: esn=1 err=0 icv_off=20 expected_off=24 ah4 input_done: esn=1 auth_off=20 expected_auth_off=24 icv_off=32 expected_icv_off=36 Reconstruct the callback-side layout the same way the setup path built it by skipping the ESN seqhi slot before locating the saved auth_data or ICV. Per RFC 4302, the ESN high-order 32 bits participate in the AH ICV computation, so the async callbacks must account for the seqhi slot. Post-fix, the same IPv4 AH+ESN+forced-async-hmac(sha1) UML repro shows the corrected offset (ah4 output_done: esn=1 err=0 icv_off=24 expected_off=24) and ping succeeds; net/ipv4/ah4.o and net/ipv6/ah6.o build clean at W=1. IPv6 AH+ESN was not exercised at runtime, and the change has not been tested against a real async hardware AH engine.
Title xfrm: ah: account for ESN high bits in async callbacks
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-14T18:01:40.026Z

Reserved: 2026-05-13T15:03:33.104Z

Link: CVE-2026-46193

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T10:16:34.923

Modified: 2026-06-10T19:20:04.847

Link: CVE-2026-46193

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-28T00:00:00Z

Links: CVE-2026-46193 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-10T20:30:28Z

Weaknesses