CVE-2026-43330
Buffer Overflow in Linux Kernel CAAM Crypto Driver
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been resolved by fixing the Linux kernel crypto caam module to prevent overflow on long HMAC keys. The fix involves replacing kmemdup with kmalloc followed by memcpy to properly allocate memory with DMA cache alignment.
To mitigate this vulnerability immediately, you should update your Linux kernel to a version that includes this fix.
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's crypto subsystem, specifically in the caam module handling HMAC keys. When a key longer than the block size is supplied, the key is copied and then hashed into the actual key used. The memory allocated for this copy must be aligned to the DMA cache size to prevent corruption of adjacent memory.
The issue arises because the copying is done using kmemdup, which causes an overflow by reading more bytes than the original key length from the source buffer. This overflow can lead to memory corruption. The fix replaces kmemdup with kmalloc followed by memcpy to correctly handle the memory allocation and copying without overflow.
How can this vulnerability impact me? :
This vulnerability can lead to memory corruption in the Linux kernel when handling long HMAC keys. Memory corruption can cause unpredictable behavior including crashes, data corruption, or potential security risks such as privilege escalation or information leakage depending on how the corrupted memory is used.