Veröffentlicht am von ms-freelancer

CVE-2026-43044 – crypto: caam – fix DMA corruption on long hmac keys

CVE ID :CVE-2026-43044

Published : May 1, 2026, 3:16 p.m. | 1 hour, 2 minutes ago

Description :In the Linux kernel, the following vulnerability has been resolved:

crypto: caam – fix DMA corruption on long hmac keys

When a key longer than block size is supplied, it is copied and then
hashed into the real key. The memory allocated for the copy needs to
be rounded to DMA cache alignment, as otherwise the hashed key may
corrupt neighbouring memory.

The rounding was performed, but never actually used for the allocation.
Fix this by replacing kmemdup with kmalloc for a larger buffer,
followed by memcpy.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…