CVE-2026-43033

Home/CVE/In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of d

CVE

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of d

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place (src != dst), there is no need to save the high-order sequence bits in dst as it could simply be re-copied from the source. However, the data to be hashed need to be rearranged accordingly. Thanks,.

HIGH · CVSS 7.8 EPSS 0.00015

Schedule remediation

CVSS base score ≥ 7.0

Sigma rules0 YARA rules0

▤

Affected Products & Versions

linux kernel>= 4.3 and < 5.10.254
linux kernel>= 5.11 and < 5.15.204
linux kernel>= 5.16 and < 6.1.170
linux kernel>= 6.2 and < 6.6.137
linux kernel>= 6.7 and < 6.12.85
linux kernel>= 6.13 and < 6.18.22
linux kernel>= 6.19 and < 6.19.12
linux kernelall versions

▣

Scoring & Timeline

7.8

HIGH · CVSS v3.1 · 416baaa9-dc9f-4396-8d5f-8c081fb06d67

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD01 May 2026 · 03:16 PM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

⚑

Vendor Advisories

usnUSN-8374-1
usnUSN-8351-1
usnUSN-8350-1
usnUSN-8280-3
usnUSN-8305-2
Show all 21 vendor advisoriesusnUSN-8278-2
usnUSN-8310-1
usnUSN-8305-1
usnUSN-8279-3
usnUSN-8289-2
usnUSN-8279-2
usnUSN-8280-2
usnUSN-8281-2
usnUSN-8277-2
usnUSN-8289-1
usnUSN-8281-1
usnUSN-8280-1
usnUSN-8279-1
usnUSN-8278-1
usnUSN-8277-1
msrcCVE-2026-43033

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

https://git.kernel.org/stable/c/153d5520c3f9fd62e71c7e7f9e34b59cf411e555Patch

https://git.kernel.org/stable/c/5466e7d0cd9e4f9cef9d8f18f18b60e7bc1c77e5Patch

https://git.kernel.org/stable/c/89fe118b6470119b20c04afc36e45b81a69ea11fPatch

https://git.kernel.org/stable/c/8c62f618576519dbed6816fafc623ce592953025Patch

https://git.kernel.org/stable/c/cded4002d22177e8deaca1f257ecd932c9582b6bPatch

https://git.kernel.org/stable/c/d0c4ff6812386880f30bc64c2921299cc4d7b47fPatch

Show all 8 references

https://git.kernel.org/stable/c/d589abd8b019b07075fda255ceab8c8e950cdb3fPatch

https://git.kernel.org/stable/c/e02494114ebf7c8b42777c6cd6982f113bfdbec7Patch

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin