PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46028 Linux CVE debrief

A race condition in the Linux kernel's AF_ALG AEAD (Authenticated Encryption with Associated Data) AIO implementation allows later socket activity to corrupt the initialization vector (IV) of in-flight asynchronous cryptographic requests. The vulnerability exists because the socket-wide IV buffer is shared across concurrent operations; when an async request is pending, subsequent socket operations can modify this shared state before the original request completes, leading to inconsistent IV handling and potential cryptographic failures or security degradation. The fix snapshots the IV into per-request storage during request preparation, eliminating the dependency on mutable socket state for in-flight operations.

Vendor
Linux
Product
Unknown
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-27
Original CVE updated
2026-05-27
Advisory published
2026-05-27
Advisory updated
2026-05-27

Who should care

Organizations running Linux systems that utilize the AF_ALG socket interface for AEAD cryptographic operations, particularly those with high-concurrency workloads or applications relying on kernel-accelerated cryptography through the algif_aead interface. This includes security appliances, VPN endpoints, storage encryption systems, and any userspace applications using AF_ALG for AES-GCM, ChaCha20-Poly1305, or similar AEAD modes via asynchronous I/O.

Technical summary

The AF_ALG socket interface in the Linux kernel provides userspace access to kernel cryptographic algorithms. For AEAD operations using asynchronous I/O (AIO), the implementation previously stored the initialization vector (IV) in a socket-wide buffer. When multiple concurrent requests are in flight, later socket activity—such as new encryption/decryption requests or socket configuration changes—can overwrite this shared IV buffer before pending async operations complete. This race condition results in inconsistent IV state for in-flight cryptographic operations, potentially causing authentication failures, data corruption, or weakened cryptographic guarantees. The resolution copies (snapshots) the IV into per-request storage during request preparation, ensuring each async operation maintains its own immutable IV reference throughout its lifecycle.

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates containing the fix for CVE-2026-46028 to all systems using AF_ALG for AEAD cryptographic operations
  • Verify running kernel version includes commit 08ea39a556ec or equivalent backport for your stable branch
  • Audit applications using AF_ALG socket interface for AEAD operations to ensure they handle potential IV inconsistencies gracefully until patched
  • Monitor kernel stable mailing lists for additional backports if running long-term support (LTS) kernel versions not yet covered by referenced commits

Evidence notes

The CVE description and kernel commit references confirm this is a resolved race condition in crypto/algif_aead.c affecting async AEAD AIO requests. Multiple stable kernel branches received backports (commits 08ea39a556ec, 3d72f8c6490d, 46fdb39e8322, 5aa58c3a572b, a920cabdb0b7, c2138c9bd02a, ebc235675f24, fa0fcec9b49d).

Official resources

2026-05-27