EUVD-2026-38840

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 - Linux Kernel AFALG "Copy Fail" Local Privile...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 "Copy Fail" - Advanced LPE Proof-of-Concept -...

Linux Distros Unpatched Vulnerability : CVE-2026-43078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was...

PT-2026-37388

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An overflow occurs in the af alg pull tsgl function within the crypto: af alg component. This issue arises because the original loop was not updated when page reassignment was added,...

kernel security update

4.18.0-553.123.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 CVE...

Linux Distros Unpatched Vulnerability : CVE-2026-43043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: af-alg - fix NULL pointer dereference in scatterwalk The AFALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new...

CVE-2026-43043

In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AFALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new afalgtsgl structure. If a sendmsg fills an SGL exactly to MAXSGLENTS, the...

CVE-2026-43043

The CVE describes a Linux kernel vulnerability in the AF_ALG crypto interface where chaining a new af_alg_tsgl structure can leave the end marker of the previous Scatter/Gather List uncleared when a sendmsg exactly fills MAX_SGL_ENTS. This causes sg_next() to return NULL, potentially leading to a...

CVE-2026-43043

In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AFALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new afalgtsgl structure. If a sendmsg fills an SGL exactly to MAXSGLENTS, the...

CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

Unbreakable Enterprise kernel security update: Copy Fail

5.15.0-319.201.4.4 - crypto: algifaead - Fix minimum RX size check for decryption Herbert Xu Orabug: 39291961 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39291961 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39291961 -...

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail – a 4‑byte page‑cache write prim...

CVE-2026-31677

A flaw was found in the Linux kernel's afalg Algorithm Interface component. This vulnerability allows a local attacker to cause a denial of service DoS by sending specially crafted requests. The afalggetrsgl function fails to properly limit the extraction of receive scatterlist RX SG data based o...

CVE-2026-31677

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - limit RX SG extraction by receive buffer budget Make afalggetrsgl limit each RX scatterlist extraction to the remaining receive buffer budget. afalggetrsgl currently uses afalgreadable only as a gate before...

EUVD-2026-25644

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - limit RX SG extraction by receive buffer budget Make afalggetrsgl limit each RX scatterlist extraction to the remaining receive buffer budget. afalggetrsgl currently uses afalgreadable only as a gate before...

CVE-2026-31677

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - limit RX SG extraction by receive buffer budget Make afalggetrsgl limit each RX scatterlist extraction to the remaining receive buffer budget. afalggetrsgl currently uses afalgreadable only as a gate before...

CVE-2026-31677

The CVE-2026-31677 issue affects the Linux kernel af_alg path. The root cause is that af_alg_get_rsgl() could extract RX scatterlist data beyond the remaining receive budget, allowing a local attacker to trigger a DoS via recvmsg when there isn’t enough RX space for a chunk. The fix tightens budg...