CVE-2026-28529 in cryptodev-linuxinformação

Sumário

de MITRE • 25/03/2026

cryptodev-linux version 1.14 and prior contain a page reference handling flaw in the get_userbuf function of the /dev/crypto device driver that allows local users to trigger use-after-free conditions. Attackers with access to the /dev/crypto interface can repeatedly decrement reference counts of controlled pages to achieve local privilege escalation.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

27/02/2026

Divulgação

25/03/2026

Moderação

aceite

Entrada

VDB-353119

CPE

pronto

CWE

CWE-416 (confirmado)

CVSS

7.8 (VulDB)

EPSS

0.00020

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-28529
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-28529
CVE Details	https://www.cvedetails.com/cve/CVE-2026-28529/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!