PatchSiren cyber security CVE debrief

CVE-2026-46193 Linux CVE debrief

A vulnerability in the Linux kernel's XFRM AH (Authentication Header) implementation causes incorrect offset calculations during asynchronous hash completion callbacks when Extended Sequence Number (ESN) is enabled. The async setup path allocates a 4-byte seqhi slot before the ICV/auth_data area, but the completion callbacks reconstruct the temporary layout without accounting for this slot, causing AH to copy or compare wrong bytes on both IPv4 and IPv6 paths. This results in 100% packet loss with async AH implementations when ESN is enabled. The fix ensures callback-side layout reconstruction matches the setup path by skipping the ESN seqhi slot before locating saved auth_data or ICV.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-28
Advisory published: 2026-05-28
Advisory updated: 2026-05-28

Who should care

  • Organizations running Linux-based IPsec VPNs or secure networking infrastructure using AH with ESN enabled, particularly those utilizing asynchronous cryptographic hardware accelerators
  • Cloud providers and enterprises with high-throughput IPsec requirements using hardware offload for AH authentication
  • Security teams managing kernel-level networking stacks with XFRM configurations

Technical summary

The vulnerability exists in the Linux kernel's XFRM subsystem, specifically in the Authentication Header (AH) implementation's handling of asynchronous cryptographic operations with Extended Sequence Number (ESN) enabled. When ESN is active, the async ahash setup allocates a 4-byte seqhi slot preceding the ICV/auth_data area. However, the async completion callbacks (ah4_output_done, ah4_input_done, and IPv6 equivalents) reconstruct the temporary buffer layout without accounting for this seqhi slot, resulting in a 4-byte offset error. This causes incorrect ICV comparison on input and wrong ICV placement on output, leading to authentication failures and complete packet loss. The fix aligns callback-side layout reconstruction with the setup path by properly skipping the ESN seqhi slot. Per RFC 4302, ESN high-order 32 bits must participate in AH ICV computation, making this accounting mandatory for correct operation.
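
The offset mismatch described above, modelled in user-space C as an added example (not kernel code and not taken from the advisory). The function names, the 12-byte ICV, the sample bytes and the 20-byte header length are constructed assumptions, and alignment padding is ignored; the header length was chosen to match the offsets reported under the evidence notes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SEQHI_LEN 4u   /* ESN seqhi slot size stated in the advisory */
#define ICV_LEN   12u  /* constructed sample ICV length */

/* Setup path: header bytes, then the seqhi slot when ESN is on, then the ICV. */
static size_t icv_off_setup(size_t ihl, int esn)
{
    return ihl + (esn ? SEQHI_LEN : 0);
}

/* Callback-side reconstruction; fixed=0 models the pre-fix code that
 * never skips the seqhi slot. */
static size_t icv_off_callback(size_t ihl, int esn, int fixed)
{
    return fixed ? icv_off_setup(ihl, esn) : ihl;
}

/* Model one async verify: setup stores seqhi and the computed ICV in tmp,
 * the completion callback later locates the ICV again and compares it with
 * the ICV carried in the packet. Returns 0 on match, -1 on mismatch. */
static int async_verify(size_t ihl, int esn, int fixed)
{
    uint8_t tmp[128] = {0};
    uint8_t wire_icv[ICV_LEN];
    const uint8_t seqhi[SEQHI_LEN] = {0x00, 0x00, 0x00, 0x01}; /* constructed */

    memset(wire_icv, 0xA5, sizeof(wire_icv)); /* constructed "correct" ICV */
    if (esn)
        memcpy(tmp + ihl, seqhi, SEQHI_LEN);
    memcpy(tmp + icv_off_setup(ihl, esn), wire_icv, ICV_LEN);

    return memcmp(tmp + icv_off_callback(ihl, esn, fixed), wire_icv, ICV_LEN) ? -1 : 0;
}

int main(void)
{
    printf("ESN pre-fix : icv_off=%zu expected_off=%zu verify=%d\n",
           icv_off_callback(20, 1, 0), icv_off_setup(20, 1), async_verify(20, 1, 0));
    printf("ESN fixed   : icv_off=%zu expected_off=%zu verify=%d\n",
           icv_off_callback(20, 1, 1), icv_off_setup(20, 1), async_verify(20, 1, 1));
    printf("no ESN      : verify=%d\n", async_verify(20, 0, 0));
    return 0;
}
```

In the pre-fix ESN case the callback compares a window that starts on the seqhi bytes, so a correct ICV is rejected every time; without ESN the two offsets coincide and the same code verifies correctly.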

Defensive priority

high

Recommended defensive actions

  • Apply kernel patches from stable branches when available for your distribution
  • Verify XFRM AH configurations for ESN usage in IPsec deployments
  • Monitor for kernel updates addressing this fix in net/ipv4/ah4.c and net/ipv6/ah6.c
  • If using async hardware AH accelerators with ESN, test thoroughly after patching
  • Consider temporarily disabling ESN on AH SAs if async AH implementations are in use and patches cannot be immediately applied

Evidence notes

The vulnerability description indicates successful reproduction in UML (User-Mode Linux) with IPv4 AH + ESN + forced async hmac(sha1), showing pre-fix offset drift (icv_off=20 vs expected_off=24) and post-fix correction (icv_off=24 matching expected). IPv6 AH+ESN was not runtime tested, nor was real async hardware AH engine validation performed.
