CVE-2026-43078 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl

When page reassignment was added to af_alg_pull_tsgl the original
loop wasn't updated so it may try to reassign one more page than
necessary.

Add the check to the reassignment so that this does not happen.

Also update the comment which still refers to the obsolete offset
argument.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`e870456d8e7c8d57c059ea479b5aadbb55ff4c3a`	affected	< fa48d3ea9cdbfb28c1fd6756c6c5cd01351aa51e
`e870456d8e7c8d57c059ea479b5aadbb55ff4c3a`	affected	< 2b781d1d4f933990318bcc5c68fb75a717379e42
`e870456d8e7c8d57c059ea479b5aadbb55ff4c3a`	affected	< f7826bc0b39928a4a22f6b815dd9940b22a63503
`e870456d8e7c8d57c059ea479b5aadbb55ff4c3a`	affected	< 710a4ce5d7afd9fe082c75dec282ab4a11c0fe71
`e870456d8e7c8d57c059ea479b5aadbb55ff4c3a`	affected	< c8369a6d62f5abde9cbd4b62c45bf4b996be2468
`e870456d8e7c8d57c059ea479b5aadbb55ff4c3a`	affected	< dea5fcf085f977b6c2de1b2d4ec4767b6c840d1f
`e870456d8e7c8d57c059ea479b5aadbb55ff4c3a`	affected	< 9532501e0f1b200ea80baa0e33e0b06da10bb271
`e870456d8e7c8d57c059ea479b5aadbb55ff4c3a`	affected	< 31d00156e50ecad37f2cb6cbf04aaa9a260505ef

Linux

affected

Version	Status	Constraints
`4.14`	affected	—
`0`	unaffected	< 4.14
`5.10.254`	unaffected	≤ 5.10.*
`5.15.204`	unaffected	≤ 5.15.*
`6.1.170`	unaffected	≤ 6.1.*
`6.6.137`	unaffected	≤ 6.6.*
`6.12.85`	unaffected	≤ 6.12.*
`6.18.24`	unaffected	≤ 6.18.*
`6.19.14`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/2b781d1d4f933990318bcc5c68fb75a717379e42
https://git.kernel.org/stable/c/31d00156e50ecad37f2cb6cbf04aaa9a260505ef
https://git.kernel.org/stable/c/710a4ce5d7afd9fe082c75dec282ab4a11c0fe71
https://git.kernel.org/stable/c/9532501e0f1b200ea80baa0e33e0b06da10bb271
https://git.kernel.org/stable/c/c8369a6d62f5abde9cbd4b62c45bf4b996be2468
https://git.kernel.org/stable/c/dea5fcf085f977b6c2de1b2d4ec4767b6c840d1f
https://git.kernel.org/stable/c/f7826bc0b39928a4a22f6b815dd9940b22a63503
https://git.kernel.org/stable/c/fa48d3ea9cdbfb28c1fd6756c6c5cd01351aa51e

History

Wed, 06 May 2026 11:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-788

Wed, 06 May 2026 09:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl When page reassignment was added to af_alg_pull_tsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the reassignment so that this does not happen. Also update the comment which still refers to the obsolete offset argument.
Title		crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2b781d1d4f933990318bcc5c68fb75a717379e42 https://git.kernel.org/stable/c/31d00156e50ecad37f2cb6cbf04aaa9a260505ef https://git.kernel.org/stable/c/710a4ce5d7afd9fe082c75dec282ab4a11c0fe71 https://git.kernel.org/stable/c/9532501e0f1b200ea80baa0e33e0b06da10bb271 https://git.kernel.org/stable/c/c8369a6d62f5abde9cbd4b62c45bf4b996be2468 https://git.kernel.org/stable/c/dea5fcf085f977b6c2de1b2d4ec4767b6c840d1f https://git.kernel.org/stable/c/f7826bc0b39928a4a22f6b815dd9940b22a63503 https://git.kernel.org/stable/c/fa48d3ea9cdbfb28c1fd6756c6c5cd01351aa51e

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T07:40:15.092Z

Updated: 2026-05-06T07:40:15.092Z

Reserved: 2026-05-01T14:12:55.983Z

Link: CVE-2026-43078

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T10:16:20.853

Modified: 2026-05-06T13:08:07.970

Link: CVE-2026-43078

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T12:45:03Z

Weaknesses

CWE-788

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object