HIGH
cryptodev-linux
CVE published 2026-03-25
CVE-2026-28529
CVE-2026-28529 is a local privilege escalation vulnerability in cryptodev-linux version 1.14 and prior. The vulnerability is caused by a page reference handling flaw in the get_userbuf function of the /dev/crypto device driver. This flaw allows local users to trigger use-after-free conditions, potentially leading to privilege escalation. System administrators and users of cryptodev-linux version 1.14 and [truncated]