CVE-2026-52972
HighCVSS 7.0Exploitation Probability (EPSS)
Low risk4th percentile — higher than 4% of all known CVEs
Summary
In the Linux kernel, the af_alg crypto module lacks a cap on the associated data (AD) length for AEAD algorithms, potentially causing arithmetic overflow when checking the TX buffer size.
Risk Assessment
The risk for the organization includes potential system instability or unexpected kernel behavior during cryptographic operations, which could affect data integrity and service availability.
Recommendation
Immediately update the Linux kernel to a version containing the fix that caps AD length to 0x80000000. Monitor security advisories from your distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000.

