CVE-2026-31677
Buffer Overflow in Linux Kernel af_alg RX Scatterlist Handling
Publication date: 2026-04-25
Last updated on: 2026-04-25
Assigner: kernel.org
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's crypto subsystem, specifically in the af_alg module. The issue involves the function af_alg_get_rsgl(), which extracts data into the receive (RX) scatterlist without properly limiting the extraction to the available receive buffer budget.
The fix ensures that each RX scatterlist extraction is limited to the remaining receive buffer budget, so the receive-side accounting matches the actual amount of data attached to the request. If there is not enough RX space for at least one chunk of data, the recvmsg call is rejected instead of rounding the request length down to zero.
How can this vulnerability impact me?
This vulnerability could lead to improper handling of received data buffers in the af_alg crypto interface, potentially causing data processing errors or unexpected behavior when receiving data.
If the receive buffer budget is not properly enforced, it might allow the system to process data incorrectly or cause resource accounting mismatches, which could lead to denial of service or other stability issues in applications relying on this crypto interface.