Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - Revert to operating out-of-place

This mostly reverts commit 72548b093ee3 except for the copying of
the associated data.

There is no benefit in operating in-place in algif_aead since the
source and destination come from different mappings. Get rid of
all the complexity added for in-place operation and just copy the
AD directly.

A flaw was found in the Linux kernel's algif_aead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive system files and escalate to root privileges.
Report
This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel's cryptographic interface to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.
Mitigation
See the security bulletin for a detailed mitigation procedure.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | | |
| NVIDIA for RHEL 10 | kernel | Fixed | RHSA-2026:14926 | 07.05.2026 |
| Red Hat Enterprise Linux 10 | kernel | Fixed | RHSA-2026:13566 | 04.05.2026 |
| Red Hat Enterprise Linux 10 | kernel | Fixed | RHSA-2026:19074 | 19.05.2026 |
| Red Hat Enterprise Linux 10.0 Extended Update Support | kernel | Fixed | RHSA-2026:13887 | 05.05.2026 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2026:13578 | 05.05.2026 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2026:13577 | 05.05.2026 |
| Red Hat Enterprise Linux 8 | kpatch-patch | Fixed | RHSA-2026:15976 | 11.05.2026 |
Additional information
CVSS3: 7.8 High