CVE-2025-68726
Description
In the Linux kernel, the following vulnerability has been resolved:
crypto: aead - Fix reqsize handling
Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg") introduced cra_reqsize field in crypto_alg struct to replace type specific reqsize fields. It looks like this was introduced specifically for ahash and acomp from the commit description as subsequent commits add necessary changes in these alg frameworks.
However, this is being recommended for use in all crypto algs instead of setting reqsize using crypto_*_set_reqsize(). Using cra_reqsize in aead algorithms, hence, causes memory corruptions and crashes as the underlying functions in the algorithm framework have not been updated to set the reqsize properly from cra_reqsize. [1]
Add proper set_reqsize calls in the aead init function to properly initialize reqsize for these algorithms in the framework.
[1]: https://gist.github.com/Pratham-T/24247446f1faf4b7843e4014d5089f6b
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A missing reqsize initialization in the Linux kernel's aead crypto framework causes memory corruption and crashes when using cra_reqsize.
Vulnerability
Description
In the Linux kernel, commit afddce13ce81d introduced the cra_reqsize field in crypto_alg to replace type-specific reqsize fields, initially for ahash and acomp algorithms. However, the aead (Authenticated Encryption with Associated Data) algorithm framework was not updated to properly set the request size from cra_reqsize, leading to memory corruption and crashes and memory corruption when aead algorithms use this field [1].
Exploitation
An attacker could trigger this vulnerability by loading or using aead crypto algorithms that rely on cra_reqsize without proper initialization. The bug manifests as memory corruption, which may be exploitable toggled by specific cryptographic operations. No special privileges are required beyond the ability to interact with the kernel's crypto subsystem, though local access is typically access is needed.
Impact
Successful exploitation results in kernel memory corruption, potentially leading to system crashes or arbitrary code execution in kernel space. This could allow an attacker to compromise system integrity or cause denial of service.
Mitigation
The fix adds proper set adds proper set_reqsize calls in the aead init function to correctly initialize reqsize from cra_reqsize`. The patch is available in the stable kernel tree [1]. Users should apply the update to prevent exploitation.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.