CVE-2026-43044 in Linuxالمعلومات

الملخص

بحسب MITRE • 01/05/2026

In the Linux kernel, the following vulnerability has been resolved:

crypto: caam - fix DMA corruption on long hmac keys

When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwise the hashed key may corrupt neighbouring memory.

The rounding was performed, but never actually used for the allocation. Fix this by replacing kmemdup with kmalloc for a larger buffer, followed by memcpy.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

Linux

حجز

01/05/2026

إفشاء

01/05/2026

الاعتدال

تمت الموافقة

إدخال

VDB-360725

CPE

جاهز

CWE

CWE-120 (مؤكد)

CVSS

8.0 (VulDB)

EPSS

0.00015

KEV

لا

النشاطات

منخفض جدًا

القطاع

Homeoffice, Insurance, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-43044
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-43044
CVE Details	https://www.cvedetails.com/cve/CVE-2026-43044/

التالي ▸نظرة عامة ◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!