Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Cap AEAD AD length to 0x80000000

In order to prevent arithmetic overflows when checking the TX
buffer size, cap the associated data length to 0x80000000.
Published: 2026-06-24
Score: 7.0 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel’s af_alg protocol exposed an unchecked length for associated data in an AEAD operation. During the calculation of the transmit buffer size, if the length exceeded 0x occur, potentially corrupting kernel memory or turning the system into a denial‑of‑service state. A kernel patch now limits the associated data length to 0x80000000, preventing that wraparound and the associated corruption.

Affected Systems

Any Linux kernel build that does not include the commit adding the 0x80000000 cap on AEAD associated data is vulnerable. This includes all unpatched or custom kernel versions that predate the introduction of the fix. The CNA lists Linux kernel as the affected vendor, so any such kernel that remains in this state is at risk.

Risk and Exploitability

of 7.0 indicates a medium severity vulnerability. The EPSS score of < 1% suggests a very low likelihood of exploitation. Based on the description, it is inferred that if an af_alg socket is reachable by an attacker, a crafted AEAD payload could trigger the overflow, potentially causing a kernel crash or reboot. The risk is confined to the af_alg interface and applies only to unpatched kernel versions.

Generated by OpenCVE AI on June 27, 2026 at 03:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that incorporates the commit that caps AEAD associated data lengths to 0x80000000
  • If the af_alg interface is unnecessary, disable it or restrict socket creation so that only trusted processes can open it
  • Watch system logs for kernel panics or unusual cryptographic activity that might indicate an exploitation attempt

Generated by OpenCVE AI on June 27, 2026 at 03:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4664-1 linux security update
Debian DLA Debian DLA DLA-4665-1 linux security update
Debian DLA Debian DLA DLA-4671-1 linux-6.1 security update
History

Mon, 29 Jun 2026 05:30:00 +0000


Sat, 27 Jun 2026 02:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-682

Sat, 27 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Important


Wed, 24 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-190
CWE-682

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000.
Title crypto: af_alg - Cap AEAD AD length to 0x80000000
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-07-15T02:46:50.271Z

Reserved: 2026-06-09T07:44:35.375Z

Link: CVE-2026-52972

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Important

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-52972 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-27T04:00:10Z

Weaknesses
  • CWE-190

    Integer Overflow or Wraparound