Linux Kernel Vulnerability Related to Async AH Implementation by Linux Foundation
CVE-2026-46193
What is CVE-2026-46193?
A vulnerability has been identified in the Linux kernel's asynchronous Authentication Header (AH) implementation. It appears when the extended sequence number (ESN) feature is enabled: the initial setup allocates the temporary authentication data and integrity check value (ICV) layout with the high-order ESN bits taken into account, but the async callback does not account for those bits when it works out its offsets. As a result, the callback compares the wrong bytes, on both IPv4 and IPv6. This can cause significant packet loss, as observed in practical error reports. The fix aligns the callback handling with the initial setup, which corrects the offsets, restores proper handling of the AH parameters, and returns connectivity to normal without data loss. The issue shows the need for robust validation in async processing paths within network operations.
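The offset mismatch described above, as a simplified user-space model added here (not kernel code and not the upstream fix). The buffer layout, sizes, function names and byte values are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed sizes for illustration only (not taken from the advisory). */
#define HDR_LEN   20  /* saved header copy at the start of the temp buffer */
#define SEQHI_LEN 4   /* high-order 32 bits of the 64-bit ESN */
#define ICV_LEN   12  /* truncated ICV length */

/* Model layout: [hdr copy][seqhi if ESN][received ICV][computed ICV] */
struct tmp_layout { size_t auth_off, icv_off; };

/* Offsets as the setup (submit) path lays the buffer out. */
static struct tmp_layout layout_setup(int esn)
{
    size_t base = HDR_LEN + (esn ? SEQHI_LEN : 0);
    struct tmp_layout l = { base, base + ICV_LEN };
    return l;
}

/* Offsets as the completion callback derives them.
 * honor_esn == 0 models the flaw: the seqhi slot is ignored. */
static struct tmp_layout layout_callback(int esn, int honor_esn)
{
    return layout_setup(honor_esn ? esn : 0);
}

/* Returns 0 if a valid packet passes the ICV check, -1 if it is dropped. */
static int verify_in_callback(int esn, int honor_esn)
{
    uint8_t tmp[HDR_LEN + SEQHI_LEN + 2 * ICV_LEN] = {0};
    struct tmp_layout s = layout_setup(esn);
    struct tmp_layout c = layout_callback(esn, honor_esn);

    /* Constructed data: received and computed ICV are identical. */
    for (size_t i = 0; i < ICV_LEN; i++)
        tmp[s.auth_off + i] = tmp[s.icv_off + i] = (uint8_t)(0x10 + i);

    return memcmp(tmp + c.auth_off, tmp + c.icv_off, ICV_LEN) ? -1 : 0;
}

int main(void)
{
    printf("ESN, callback ignores seqhi: %d\n", verify_in_callback(1, 0));
    printf("ESN, callback matches setup: %d\n", verify_in_callback(1, 1));
    printf("no ESN:                      %d\n", verify_in_callback(0, 0));
    return 0;
}
```

In this model a valid packet fails the check only when ESN is on and the callback skips the seqhi slot, which matches the advisory's observation that the symptom is packet loss on ESN-enabled AH traffic.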
Affected Version(s)
Linux d4d573d0334d07341beffdcf97e2b85d3955d8ae < 0555d4f526232b3c9e3afbcd490c0c0793aefec6
Linux d4d573d0334d07341beffdcf97e2b85d3955d8ae < 729899a2aa8bda7844be0cdcd3b470f11b912eda
Linux d4d573d0334d07341beffdcf97e2b85d3955d8ae < 7db99a09b3bc87268287bc7ab5f2e7f382b5ad87