SB2026050223 - Incorrect Calculation of Buffer Size in Linux kernel crypto caam driver
Published: May 2, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Incorrect Calculation of Buffer Size (CVE-ID: CVE-2026-43044)
CWE-ID: CWE-131 - Incorrect Calculation of Buffer Size
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to corrupt memory.
The vulnerability exists due to improper memory allocation in the caam crypto driver when processing HMAC keys longer than the block size. A local user can supply a specially crafted long HMAC key to corrupt memory.
The issue occurs because the buffer size was not allocated using the rounded DMA cache alignment size.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/5ddfdcbe10dc5f97afc4e46ca22be2be717e8caf
- https://git.kernel.org/stable/c/68feed135a0c7243a9275ae7e6a18260f755f52b
- https://git.kernel.org/stable/c/a7ecf06d3ee06e9b3322e1e7b003ea5c6f6e135a
- https://git.kernel.org/stable/c/c0c133e0225d87aad326bb90bbce9bdd6fde3cbb
- https://git.kernel.org/stable/c/f2af8be110bde26b3e3354efdfdda97f426306a4