CVE-2026-43043

UNKNOWN 0.0

crypto: af-alg - fix NULL pointer dereference in scatterwalk

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AF_ALG interface fails to unmark the end of a Scatter/Gather List (SGL) when chaining a new af_alg_tsgl structure. If a sendmsg() fills an SGL exactly to MAX_SGL_ENTS, the last entry is marked as the end. A subsequent sendmsg() allocates a new SGL and chains it, but fails to clear the end marker on the previous SGL's last data entry. This causes the crypto scatterwalk to hit a premature end, returning NULL on sg_next() and leading to a kernel panic during dereference. Fix this by explicitly unmarking the end of the previous SGL when performing sg_chain() in af_alg_alloc_tsgl().

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 1, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < f48d3dd99199180cf37d6253550c55e86372309a 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < f9acceae7b004956851fd4268edf9f518a9bce04 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 7195350fb78538c25cd790d703f8f2c73ee0d395 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 7cdf2c6381b21ab5ccf8116750d5582fcd6c0f49 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 44eafa39363e8d5dfda6a8c6eb6b45458ed4b948 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 00cbdec17c15d024a1c5002c7365df7624a18a75 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 4b03ab0a587ec57eb7ddb5c115d84a42896f60f7 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 62397b493e14107ae82d8b80938f293d95425bcb

Linux / Linux

2.6.38

References

NVD ↗ CVE.org ↗ EPSS Data ↗