PatchSiren cyber security CVE debrief
CVE-2026-46291 Linux CVE debrief
A vulnerability in the Linux kernel has been resolved. The vulnerability is related to the crypto: caam module, specifically in the hash_digest_key function, where HMAC key bytes were being dumped using print_hex_dump, potentially leaking secrets at runtime when CONFIG_DYNAMIC_DEBUG is enabled. The fix replaces print_hex_dump with print_hex_dump_devel to prevent this issue.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-08
- Original CVE updated
- 2026-06-08
- Advisory published
- 2026-06-08
- Advisory updated
- 2026-06-08
Who should care
Users of the Linux kernel who have the crypto: caam module enabled, especially those with CONFIG_DYNAMIC_DEBUG enabled, should be aware of this vulnerability and ensure they are running the patched version of the kernel.
Technical summary
The Linux kernel's crypto: caam module had a vulnerability where HMAC key bytes were being dumped in clear text at runtime when CONFIG_DYNAMIC_DEBUG was enabled. This was fixed by changing print_hex_dump to print_hex_dump_devel in the hash_digest_key function.
Defensive priority
Medium
Recommended defensive actions
- Update the Linux kernel to a version that includes the fix for CVE-2026-46291.
- Review kernel configurations to ensure CONFIG_DYNAMIC_DEBUG is not enabled if not necessary.
Evidence notes
The CVE was published and modified on 2026-06-08T17:16:47.357Z. The vulnerability was resolved in the Linux kernel.
Official resources
-
CVE-2026-46291 CVE record
CVE.org
-
CVE-2026-46291 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
The CVE-2026-46291 vulnerability was made public on 2026-06-08.