Medium severity5.5NVD Advisory· Published May 6, 2026· Updated May 20, 2026
CVE-2026-43077
CVE-2026-43077
Description
In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Fix minimum RX size check for decryption
The check for the minimum receive buffer size did not take the tag size into account during decryption. Fix this by adding the required extra length.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=4.14.1,<5.10.254
- cpe:2.3:o:linux:linux_kernel:4.14:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
- (no CPE)
- osv-coords8 versionspkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_84&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
< 4.12.14-122.317.1+ 7 more
- (no CPE)range: < 4.12.14-122.317.1
- (no CPE)range: < 4.12.14-122.317.1
- (no CPE)range: < 4.12.14-122.317.1
- (no CPE)range: < 4.12.14-122.317.1
- (no CPE)range: < 4.12.14-122.317.1
- (no CPE)range: < 4.12.14-122.317.1
- (no CPE)range: < 4.12.14-122.317.1
- (no CPE)range: < 1-8.7.1
Patches
Vulnerability mechanics
References
8- git.kernel.org/stable/c/1c76b5675119f694458293a2a81f40731c69bd32nvdPatch
- git.kernel.org/stable/c/3afdc15d6173614d7d834517d9b65e7aa5a08548nvdPatch
- git.kernel.org/stable/c/3d14bd48e3a77091cbce637a12c2ae31b4a1687cnvdPatch
- git.kernel.org/stable/c/74a66fdb5282d89e348b00c42cfca3a936946d94nvdPatch
- git.kernel.org/stable/c/78cea133daf721698876e56135049a96d39d610anvdPatch
- git.kernel.org/stable/c/af2fa2fbbced26129813274b8b3f7705f280e174nvdPatch
- git.kernel.org/stable/c/e86ab1e5661386a874fbb8551f0c04b8e9f8ad22nvdPatch
- git.kernel.org/stable/c/fd427dd84f224309afbcc2cb67c7bb770a01265cnvdPatch
News mentions
0No linked articles in our index yet.