CVE-2026-43043
Published: May 1, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AF_ALG interface fails to unmark the end of a Scatter/Gather List (SGL) when chaining a new af_alg_tsgl structure. If a sendmsg() fills an SGL exactly to MAX_SGL_ENTS, the last entry is marked as the end. A subsequent sendmsg() allocates a new SGL and chains it, but fails to clear the end marker on the previous SGL's last data entry. This causes the crypto scatterwalk to hit a premature end, returning NULL on sg_next() and leading to a kernel panic during dereference. Fix this by explicitly unmarking the end of the previous SGL when performing sg_chain() in af_alg_alloc_tsgl().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < f48d3dd99199180cf37d6253550c55e86372309aaffected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < f9acceae7b004956851fd4268edf9f518a9bce04affected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < 7195350fb78538c25cd790d703f8f2c73ee0d395affected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < 7cdf2c6381b21ab5ccf8116750d5582fcd6c0f49affected 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 - < 44eafa39363e8d5dfda6a8c6eb6b45458ed4b948+3 more versions |
Linux | Linux | affected 2.6.38unaffected 0 - < 2.6.38unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.168 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now