{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-43077","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-01T14:12:55.983Z","datePublished":"2026-05-06T07:40:14.409Z","dateUpdated":"2026-05-11T22:17:16.763Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T22:17:16.763Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption.  Fix this by adding the\nrequired extra length."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["crypto/algif_aead.c"],"versions":[{"version":"d887c52d6ae43aeebd249b5f2f1333e60236aa60","lessThan":"74a66fdb5282d89e348b00c42cfca3a936946d94","status":"affected","versionType":"git"},{"version":"d887c52d6ae43aeebd249b5f2f1333e60236aa60","lessThan":"fd427dd84f224309afbcc2cb67c7bb770a01265c","status":"affected","versionType":"git"},{"version":"d887c52d6ae43aeebd249b5f2f1333e60236aa60","lessThan":"1c76b5675119f694458293a2a81f40731c69bd32","status":"affected","versionType":"git"},{"version":"d887c52d6ae43aeebd249b5f2f1333e60236aa60","lessThan":"e86ab1e5661386a874fbb8551f0c04b8e9f8ad22","status":"affected","versionType":"git"},{"version":"d887c52d6ae43aeebd249b5f2f1333e60236aa60","lessThan":"af2fa2fbbced26129813274b8b3f7705f280e174","status":"affected","versionType":"git"},{"version":"d887c52d6ae43aeebd249b5f2f1333e60236aa60","lessThan":"78cea133daf721698876e56135049a96d39d610a","status":"affected","versionType":"git"},{"version":"d887c52d6ae43aeebd249b5f2f1333e60236aa60","lessThan":"3afdc15d6173614d7d834517d9b65e7aa5a08548","status":"affected","versionType":"git"},{"version":"d887c52d6ae43aeebd249b5f2f1333e60236aa60","lessThan":"3d14bd48e3a77091cbce637a12c2ae31b4a1687c","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["crypto/algif_aead.c"],"versions":[{"version":"4.14","status":"affected"},{"version":"0","lessThan":"4.14","status":"unaffected","versionType":"semver"},{"version":"5.10.254","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.204","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.170","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.136","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.83","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.24","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19.14","lessThanOrEqual":"6.19.*","status":"unaffected","versionType":"semver"},{"version":"7.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.10.254"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.15.204"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.1.170"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.6.136"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.12.83"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.18.24"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.19.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"7.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/74a66fdb5282d89e348b00c42cfca3a936946d94"},{"url":"https://git.kernel.org/stable/c/fd427dd84f224309afbcc2cb67c7bb770a01265c"},{"url":"https://git.kernel.org/stable/c/1c76b5675119f694458293a2a81f40731c69bd32"},{"url":"https://git.kernel.org/stable/c/e86ab1e5661386a874fbb8551f0c04b8e9f8ad22"},{"url":"https://git.kernel.org/stable/c/af2fa2fbbced26129813274b8b3f7705f280e174"},{"url":"https://git.kernel.org/stable/c/78cea133daf721698876e56135049a96d39d610a"},{"url":"https://git.kernel.org/stable/c/3afdc15d6173614d7d834517d9b65e7aa5a08548"},{"url":"https://git.kernel.org/stable/c/3d14bd48e3a77091cbce637a12c2ae31b4a1687c"}],"title":"crypto: algif_aead - Fix minimum RX size check for decryption","x_generator":{"engine":"bippy-1.2.0"}}}}