Description
In the Linux kernel, the following vulnerability has been resolved:

xfrm: ah: account for ESN high bits in async callbacks

AH allocates its temporary auth/ICV layout differently when ESN is enabled:
the async ahash setup appends a 4-byte seqhi slot before the ICV or
auth_data area, but the async completion callbacks still reconstruct the
temporary layout as if seqhi were absent.

With an async AH implementation selected, that makes AH copy or compare
the wrong bytes on both the IPv4 and IPv6 paths. In UML repro on IPv4 AH
with ESN and forced async hmac(sha1), ping fails with 100% packet loss,
and the callback logs show the pre-fix drift:

ah4 output_done: esn=1 err=0 icv_off=20 expected_off=24
ah4 input_done: esn=1 auth_off=20 expected_auth_off=24 icv_off=32 expected_icv_off=36

Reconstruct the callback-side layout the same way the setup path built it
by skipping the ESN seqhi slot before locating the saved auth_data or ICV.
Per RFC 4302, the ESN high-order 32 bits participate in the AH ICV
computation, so the async callbacks must account for the seqhi slot.

Post-fix, the same IPv4 AH+ESN+forced-async-hmac(sha1) UML repro shows
the corrected offset (ah4 output_done: esn=1 err=0 icv_off=24
expected_off=24) and ping succeeds; net/ipv4/ah4.o and net/ipv6/ah6.o
build clean at W=1. IPv6 AH+ESN was not exercised at runtime, and the
change has not been tested against a real async hardware AH engine.
Published: 2026-05-28
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

In the Linux kernel, the Authentication Header (AH) implementation incorrectly handled the Extended Sequence Number (ESN) when operating asynchronously. The setup path inserted a 4‑byte seqhi slot but completion callbacks rebuilt the layout without accounting for it, causing the header to read or compare wrong bytes. This mismatch prevents the AH integrity check from succeeding, leading to drop of packets and, effectively, denial of service on both IPv4 and IPv6 traffic that use AH+ESN.

Affected Systems

All systems running Linux kernel versions that enable asynchronous AH processing with ESN are affected, as identified by the CVE. The patch works for both net/ipv4/ah4.o and net/ipv6/ah6.o. Specific affected versions are not enumerated in the report, so any kernel that implements AH+ESN asynchronously and has not incorporated this fix is vulnerable.

Risk and Exploitability

The vulnerability is network‑based and requires the ability to send crafted AH packets with ESN to a target, which most systems can do over the public Internet or internal network. An attacker could force packet loss, disrupting connectivity without any authentication or privilege escalation. No exploit code is publicly available, and the EPSS score is not provided, but the CVE is not listed in the CISA KEV catalog. Given that the failure is tied to kernel packet processing, the impact is high for systems where AH+ESN is routinely used.

Generated by OpenCVE AI on May 28, 2026 at 11:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a version containing the fix for CVE-2026-46193.
  • Reboot or reload the networking stack so the updated kernel code is active.
  • Verify AH+ESN traffic is processed correctly by testing connectivity (for example, ping over AH). If issues persist, consider disabling ESN or async AH temporarily via sysctl or compile‑time options until the kernel is updated.

Generated by OpenCVE AI on May 28, 2026 at 11:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 28 May 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-406
CWE-760

Thu, 28 May 2026 10:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or auth_data area, but the async completion callbacks still reconstruct the temporary layout as if seqhi were absent. With an async AH implementation selected, that makes AH copy or compare the wrong bytes on both the IPv4 and IPv6 paths. In UML repro on IPv4 AH with ESN and forced async hmac(sha1), ping fails with 100% packet loss, and the callback logs show the pre-fix drift: ah4 output_done: esn=1 err=0 icv_off=20 expected_off=24 ah4 input_done: esn=1 auth_off=20 expected_auth_off=24 icv_off=32 expected_icv_off=36 Reconstruct the callback-side layout the same way the setup path built it by skipping the ESN seqhi slot before locating the saved auth_data or ICV. Per RFC 4302, the ESN high-order 32 bits participate in the AH ICV computation, so the async callbacks must account for the seqhi slot. Post-fix, the same IPv4 AH+ESN+forced-async-hmac(sha1) UML repro shows the corrected offset (ah4 output_done: esn=1 err=0 icv_off=24 expected_off=24) and ping succeeds; net/ipv4/ah4.o and net/ipv6/ah6.o build clean at W=1. IPv6 AH+ESN was not exercised at runtime, and the change has not been tested against a real async hardware AH engine.
Title xfrm: ah: account for ESN high bits in async callbacks
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-28T09:36:46.611Z

Reserved: 2026-05-13T15:03:33.104Z

Link: CVE-2026-46193

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-28T10:16:34.923

Modified: 2026-05-28T10:16:34.923

Link: CVE-2026-46193

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T12:00:14Z

Weaknesses