In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - Fix minimum RX size check for decryption

The check for the minimum receive buffer size did not take the
tag size into account during decryption. Fix this by adding the
required extra length.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
d887c52d6ae43aeebd249b5f2f1333e60236aa60 affected < 74a66fdb5282d89e348b00c42cfca3a936946d94
d887c52d6ae43aeebd249b5f2f1333e60236aa60 affected < fd427dd84f224309afbcc2cb67c7bb770a01265c
d887c52d6ae43aeebd249b5f2f1333e60236aa60 affected < 1c76b5675119f694458293a2a81f40731c69bd32
d887c52d6ae43aeebd249b5f2f1333e60236aa60 affected < e86ab1e5661386a874fbb8551f0c04b8e9f8ad22
d887c52d6ae43aeebd249b5f2f1333e60236aa60 affected < af2fa2fbbced26129813274b8b3f7705f280e174
d887c52d6ae43aeebd249b5f2f1333e60236aa60 affected < 78cea133daf721698876e56135049a96d39d610a
d887c52d6ae43aeebd249b5f2f1333e60236aa60 affected < 3afdc15d6173614d7d834517d9b65e7aa5a08548
d887c52d6ae43aeebd249b5f2f1333e60236aa60 affected < 3d14bd48e3a77091cbce637a12c2ae31b4a1687c
Linux Linux affected
Version Status Constraints
4.14 affected
0 unaffected < 4.14
5.10.254 unaffected ≤ 5.10.*
5.15.204 unaffected ≤ 5.15.*
6.1.170 unaffected ≤ 6.1.*
6.6.136 unaffected ≤ 6.6.*
6.12.83 unaffected ≤ 6.12.*
6.18.24 unaffected ≤ 6.18.*
6.19.14 unaffected ≤ 6.19.*
7.0 unaffected ≤ *

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux Subscribe
Linux Kernel Subscribe

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/1c76b5675119f694458293a2a81f40731c69bd32 cve-icon cve-icon
https://git.kernel.org/stable/c/3afdc15d6173614d7d834517d9b65e7aa5a08548 cve-icon cve-icon
https://git.kernel.org/stable/c/3d14bd48e3a77091cbce637a12c2ae31b4a1687c cve-icon cve-icon
https://git.kernel.org/stable/c/74a66fdb5282d89e348b00c42cfca3a936946d94 cve-icon cve-icon
https://git.kernel.org/stable/c/78cea133daf721698876e56135049a96d39d610a cve-icon cve-icon
https://git.kernel.org/stable/c/af2fa2fbbced26129813274b8b3f7705f280e174 cve-icon cve-icon
https://git.kernel.org/stable/c/e86ab1e5661386a874fbb8551f0c04b8e9f8ad22 cve-icon cve-icon
https://git.kernel.org/stable/c/fd427dd84f224309afbcc2cb67c7bb770a01265c cve-icon cve-icon
History

Wed, 06 May 2026 13:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119

Wed, 06 May 2026 09:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Fix minimum RX size check for decryption The check for the minimum receive buffer size did not take the tag size into account during decryption. Fix this by adding the required extra length.
Title crypto: algif_aead - Fix minimum RX size check for decryption
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-06T07:40:14.409Z

Reserved: 2026-05-01T14:12:55.983Z

Link: CVE-2026-43077

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-06T10:16:20.707

Modified: 2026-05-06T13:08:07.970

Link: CVE-2026-43077

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-06T13:00:04Z

Weaknesses

No weakness.