Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: hisilicon/sec2 - prevent req used-after-free for sec

During packet transmission, if the system is under heavy load,
the hardware might complete processing the packet and free the
request memory (req) before the transmission function finishes.
If the software subsequently accesses this req, a use-after-free
error will occur. The qp_ctx memory exists throughout the packet
sending process, so replace the req with the qp_ctx.
Published: 2026-06-24
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel includes a hisilicon/sec2 crypto driver that incorrectly frees a request memory block (req) while the packet transmission routine is still using it during heavy load. This results in a use‑after‑free condition, which can corrupt kernel memory and cause crashes or service disruption. The flaw is described as CWE‑825 and does not inherently provide a direct pathway to remote code execution but can lead to denial of service or stability problems if triggered reliably.

Affected Systems

The vulnerability affects Linux kernel builds that include the hisilicon/sec2 crypto driver. No specific kernel version is listed; therefore, all kernel releases prior to the fix may be vulnerable until the patch is applied.

Risk and Exploitability

The CVSS score of 9.8 classifies the issue as critical, with an EPSS score of < 1 % indicating a very low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, suggesting no known active exploitation campaigns. It is inferred that an attacker could exploit the issue by generating a high rate of traffic to the interface that uses the Hisilicon sec2 hardware, creating a race condition that frees the req memory before it is used. Such an attack would require the ability to flood the target interface, which could be achieved by an attacker on or near the network path.

Generated by OpenCVE AI on June 28, 2026 at 14:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Linux kernel update that incorporates the hisilicon/sec2 driver fix.
  • If a kernel update is not immediately available, unload or disable the hisilicon/sec2 crypto module during periods of heavy network load to eliminate the use‑after‑free path.
  • Implement network traffic shaping or rate limiting on interfaces utilizing the Hisilicon sec2 hardware to reduce the likelihood of overwhelming the driver under load.

Generated by OpenCVE AI on June 28, 2026 at 14:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 28 Jun 2026 08:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Sat, 27 Jun 2026 04:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-416

Sat, 27 Jun 2026 00:15:00 +0000


Wed, 24 Jun 2026 19:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-416

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory (req) before the transmission function finishes. If the software subsequently accesses this req, a use-after-free error will occur. The qp_ctx memory exists throughout the packet sending process, so replace the req with the qp_ctx.
Title crypto: hisilicon/sec2 - prevent req used-after-free for sec
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-28T06:38:47.302Z

Reserved: 2026-06-09T07:44:35.381Z

Link: CVE-2026-53055

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity :

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-53055 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-28T14:45:17Z

Weaknesses
  • CWE-825

    Expired Pointer Dereference