CVE-2026-43044
Description
In the Linux kernel, the following vulnerability has been resolved:
crypto: caam - fix DMA corruption on long hmac keys
When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwise the hashed key may corrupt neighbouring memory.
The rounding was performed, but never actually used for the allocation. Fix this by replacing kmemdup with kmalloc for a larger buffer, followed by memcpy.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel's crypto caam driver, a DMA alignment bug when handling long HMAC keys could cause memory corruption, fixed by replacing kmemdup with kmalloc.
Vulnerability
Description
The Linux kernel's crypto caam driver, when supplied with an HMAC key longer than the block size, copies the key and then hashed into the real key, the memory allocated for the copy was not properly rounded to DMA cache alignment. Although the rounding was calculated, it was never used for the allocation, leading to potential corruption of adjacent memory. The fix replaces kmemdup with kmalloc to allocate a larger buffer and then performs a memcpy [1].
Exploitation
Prerequisites To exploitation, an attacker would need to supply a long HMAC key that triggers copying and hashing process. This requires the ability to interact with the caam hardware crypto accelerator, typically accessible through the kernel crypto API. No authentication is no authentication requirement beyond normal system access, the attacker may be user- or program on the local system [1].
Impact of
Vulnerability If successfully exploited, the DMA corruption could lead to memory corruption in the kernel, causing denial of service (system crash or instability) or potentially enabling privilege escalation. The CVSS v3 score of 7.8 (High) reflects the high impact on confidentiality, integrity, and availability, likely due to the ability an attacker to leverage corruption for arbitrary code execution in the kernel context [1].
Mitigation
Status The Linux kernel stable commits have been merged, addressing this vulnerability. Users are advised to apply the latest stable kernel updates that include the fix. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. No specific workaround is available, other than ensuring the kernel is up to date [1].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
9(expand)+ 8 more
- (no CPE)
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.3,<6.6.134
- cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
- (no CPE)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
News mentions
0No linked articles in our index yet.