NULL Pointer Dereference in Linux Kernel's AF_ALG Interface
CVE-2026-43043

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-43043?

A vulnerability in the Linux kernel's AF_ALG interface can lead to a NULL pointer dereference when using a Scatter/Gather List (SGL). This occurs when a subsequent sendmsg() operation chains a new af_alg_tsgl structure without appropriately clearing the end marker of the previous SGL. If the previous SGL reaches its maximum entries, the last entry remains marked as the end. This mismanagement can cause the crypto scatterwalk process to prematurely terminate, ultimately resulting in a kernel panic during dereference. The issue has been addressed in recent kernel updates by ensuring the end marker is explicitly unmarked before chaining.

Affected Version(s)

Linux 8ff590903d5fc7f5a0a988c38267a3d08e6393a2

Linux 8ff590903d5fc7f5a0a988c38267a3d08e6393a2 < 7195350fb78538c25cd790d703f8f2c73ee0d395

References

https://git.kernel.org/stable/c/f48d3dd99199180cf37d62535...

https://git.kernel.org/stable/c/f9acceae7b004956851fd4268...

https://git.kernel.org/stable/c/7195350fb78538c25cd790d70...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43043 Data

JSON