{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-52972", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.375Z", "datePublished": "2026-06-24T16:28:50.425Z", "dateUpdated": "2026-06-30T02:46:31.808Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-29T04:24:17.790Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Cap AEAD AD length to 0x80000000\n\nIn order to prevent arithmetic overflows when checking the TX\nbuffer size, cap the associated data length to 0x80000000."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["crypto/af_alg.c"], "versions": [{"version": "400c40cf78da00c16e561a3a253ca272455c42ef", "lessThan": "f8a5203596797f394ff3f9aa4005597a92249802", "status": "affected", "versionType": "git"}, {"version": "400c40cf78da00c16e561a3a253ca272455c42ef", "lessThan": "a9f68d9ed38dd6e5a6c6d75b03d25c1c133e321d", "status": "affected", "versionType": "git"}, {"version": "400c40cf78da00c16e561a3a253ca272455c42ef", "lessThan": "a4fe4eb580bbc7439f649a496d4cf38415a4021c", "status": "affected", "versionType": "git"}, {"version": "400c40cf78da00c16e561a3a253ca272455c42ef", "lessThan": "e4c4a5074532eaaa14951994a3aad0d479aa7431", "status": "affected", "versionType": "git"}, {"version": "400c40cf78da00c16e561a3a253ca272455c42ef", "lessThan": "265ac26d1c5e17b34d497cbda1f754a1ec8552bc", "status": "affected", "versionType": "git"}, {"version": "400c40cf78da00c16e561a3a253ca272455c42ef", "lessThan": "a1c5672faf8e93e38c2deac3979cc767ca5cf918", "status": "affected", "versionType": "git"}, {"version": "400c40cf78da00c16e561a3a253ca272455c42ef", "lessThan": "97948906dc8e0ea84775e03e35b60a2063c70193", "status": "affected", "versionType": "git"}, {"version": "400c40cf78da00c16e561a3a253ca272455c42ef", "lessThan": "e4c06479d7059888adf2f22bc1ebcf053bf691a2", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["crypto/af_alg.c"], "versions": [{"version": "4.1", "status": "affected"}, {"version": "0", "lessThan": "4.1", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.258", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.209", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.175", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.141", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.91", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.33", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.2-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.1", "versionEndExcluding": "5.10.258"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.1", "versionEndExcluding": "5.15.209"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.1", "versionEndExcluding": "6.1.175"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.1", "versionEndExcluding": "6.6.141"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.1", "versionEndExcluding": "6.12.91"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.1", "versionEndExcluding": "6.18.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.1", "versionEndExcluding": "7.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.1", "versionEndExcluding": "7.2-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f8a5203596797f394ff3f9aa4005597a92249802"}, {"url": "https://git.kernel.org/stable/c/a9f68d9ed38dd6e5a6c6d75b03d25c1c133e321d"}, {"url": "https://git.kernel.org/stable/c/a4fe4eb580bbc7439f649a496d4cf38415a4021c"}, {"url": "https://git.kernel.org/stable/c/e4c4a5074532eaaa14951994a3aad0d479aa7431"}, {"url": "https://git.kernel.org/stable/c/265ac26d1c5e17b34d497cbda1f754a1ec8552bc"}, {"url": "https://git.kernel.org/stable/c/a1c5672faf8e93e38c2deac3979cc767ca5cf918"}, {"url": "https://git.kernel.org/stable/c/97948906dc8e0ea84775e03e35b60a2063c70193"}, {"url": "https://git.kernel.org/stable/c/e4c06479d7059888adf2f22bc1ebcf053bf691a2"}], "title": "crypto: af_alg - Cap AEAD AD length to 0x80000000", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"affected": [{"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 10", "vendor": "Red Hat"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "defaultStatus": "unaffected", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "defaultStatus": "unaffected", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat"}], "datePublic": "2026-06-24T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux kernel's `af_alg` cryptography module. This vulnerability involves an arithmetic overflow when processing associated data lengths during the transmit buffer size check. A remote attacker could exploit this flaw by providing a specially crafted associated data length, potentially leading to a denial of service (DoS) due to system instability."}], "metrics": [{"other": {"content": {"namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "description": "Integer Overflow or Wraparound", "lang": "en", "type": "CWE"}]}], "references": [{"tags": ["vdb-entry", "x_refsource_REDHAT"], "url": "https://access.redhat.com/security/cve/CVE-2026-52972"}, {"name": "RHBZ#2492364", "tags": ["issue-tracking", "x_refsource_REDHAT"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492364"}, {"tags": ["x_sadp-csaf-vex"], "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-52972.json"}], "timeline": [{"lang": "en", "time": "2026-06-24T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-06-24T00:00:00.000Z", "value": "Made public."}], "title": "kernel: crypto: af_alg - Cap AEAD AD length to 0x80000000", "x_adpType": "supplier", "x_generator": {"engine": "sadp-cli 1.0.0"}, "providerMetadata": {"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c", "shortName": "redhat-SADP", "dateUpdated": "2026-06-30T02:46:31.808Z"}}]}}

{}

{}

{"bugzilla": {"description": "kernel: crypto: af_alg - Cap AEAD AD length to 0x80000000", "id": "2492364", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492364"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncrypto: af_alg - Cap AEAD AD length to 0x80000000\nIn order to prevent arithmetic overflows when checking the TX\nbuffer size, cap the associated data length to 0x80000000.", "A flaw was found in the Linux kernel's `af_alg` cryptography module. This vulnerability involves an arithmetic overflow when processing associated data lengths during the transmit buffer size check. A remote attacker could exploit this flaw by providing a specially crafted associated data length, potentially leading to a denial of service (DoS) due to system instability."], "name": "CVE-2026-52972", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-52972\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-52972\nhttps://lore.kernel.org/linux-cve-announce/2026062439-CVE-2026-52972-7d96@gregkh/T"], "threat_severity": "Important"}