CVE Catalog

CVE-2026-43493

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.55%

42th percentile — higher than 42% of all known CVEs

Summary

In the Linux kernel, a vulnerability was found in the pcrypt module that incorrectly handles MAY_BACKLOG requests. These requests can return EBUSY, which requires proper checking and filtering of EINPROGRESS notifications.

Risk Assessment

Improper handling of MAY_BACKLOG requests may lead to unexpected behavior of the cryptographic system, potentially causing errors in applications using encryption.

Recommendation

It is recommended to immediately update the Linux kernel to a version containing the fix for CVE-2026-43493. Monitor official security advisories from your Linux distribution.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can return EBUSY. Handle them by checking for that value and filtering out EINPROGRESS notifications.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS