CVE-2026-43078
Published: May 6, 2026
Modified: May 11, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl When page reassignment was added to af_alg_pull_tsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the reassignment so that this does not happen. Also update the comment which still refers to the obsolete offset argument.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e870456d8e7c8d57c059ea479b5aadbb55ff4c3a - < fa48d3ea9cdbfb28c1fd6756c6c5cd01351aa51eaffected e870456d8e7c8d57c059ea479b5aadbb55ff4c3a - < 2b781d1d4f933990318bcc5c68fb75a717379e42affected e870456d8e7c8d57c059ea479b5aadbb55ff4c3a - < f7826bc0b39928a4a22f6b815dd9940b22a63503affected e870456d8e7c8d57c059ea479b5aadbb55ff4c3a - < 710a4ce5d7afd9fe082c75dec282ab4a11c0fe71affected e870456d8e7c8d57c059ea479b5aadbb55ff4c3a - < c8369a6d62f5abde9cbd4b62c45bf4b996be2468+3 more versions |
Linux | Linux | affected 4.14unaffected 0 - < 4.14unaffected 5.10.254 - <= 5.10.*unaffected 5.15.204 - <= 5.15.*unaffected 6.1.170 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now