CVE-2026-46028
Analyzed Analyzed - Analysis Complete
AF_ALG AEAD Request IV Snapshot in Linux Kernel

Publication date: 2026-05-27

Last updated on: 2026-06-16

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - snapshot IV for async AEAD requests AF_ALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the original request has fully completed, which can lead to inconsistent IV handling. Snapshot the IV into per-request storage when preparing the AEAD request, so in-flight operations no longer depend on mutable socket state.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-46028
EUVD
EUVD-2026-32409
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 4.14 (inc) to 5.10.254 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.204 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.170 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.137 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.85 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.27 (exc)
linux linux_kernel From 6.19 (inc) to 7.0.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's crypto subsystem, specifically in the algif_aead module handling AEAD (Authenticated Encryption with Associated Data) requests using the AF_ALG interface.

The issue arises because asynchronous AEAD requests share a socket-wide initialization vector (IV) buffer during processing. Since the IV buffer is mutable and shared, later socket activity can modify the IV before the original asynchronous request completes, leading to inconsistent IV handling.

The fix involves snapshotting the IV into per-request storage when preparing the AEAD request, ensuring that each in-flight operation uses its own immutable IV state and does not depend on the mutable socket-wide IV buffer.

Impact Analysis

This vulnerability can lead to inconsistent handling of the initialization vector (IV) during asynchronous AEAD encryption or decryption operations.

Inconsistent IV handling can compromise the cryptographic integrity and security of encrypted data, potentially allowing attackers to exploit predictable or reused IVs, which may weaken encryption guarantees.

Such cryptographic weaknesses could lead to data exposure, unauthorized data modification, or other security breaches depending on how the cryptographic operations are used in the system.

Mitigation Strategies

The vulnerability has been resolved by updating the Linux kernel to snapshot the IV into per-request storage for AEAD requests, preventing inconsistent IV handling.

Therefore, the immediate step to mitigate this vulnerability is to update your Linux kernel to a version that includes this fix.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46028. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart