Linux Kernel, Denial-of-Service, CVE-2026-23060 (Moderate)

Listen to this Post

The vulnerability resides in the Linux kernel’s `authencesn` cryptographic module, which handles Combined Authentication Encryption with Extended Sequence Numbers (ESP/ESN). This module incorrectly assumes that the Additional Authentication Data (AAD) always follows the ESP/ESN specification, which requires a minimum length of 8 bytes. When a request is made with an AAD length (assoclen) of less than 8 bytes, the `crypto_authenc_esn_decrypt()` function proceeds without validation. During decryption, it attempts to copy data from this undersized AAD. The function advances a pointer through a scatterlist (a data structure describing memory buffers) based on the `assoclen` value. Because the length is too short, the pointer calculation goes out of bounds, moving past the end of the destination scatterlist. Subsequently, the `scatterwalk_map_and_copy()` function tries to map and copy data from this invalid memory location, leading to a NULL pointer dereference. This action results in a kernel panic, causing an immediate system crash and a complete denial of service (DoS) on the affected machine. The fix introduces a simple check at the beginning of the operation, rejecting any request where `assoclen` is less than 8 bytes, thereby preventing the out-of-bounds access .

dailycve form:

Platform: Linux Kernel
Version: 4.3 to 6.19-rc6
Vulnerability : AAD length validation
Severity: Moderate (6.5 CVSS)
date: 04/02/2026

Prediction: Patch already available

What Undercode Say:

Analytics

The vulnerability, introduced in 2015, lay dormant for over a decade, affecting a wide swath of enterprise and consumer Linux distributions. Its moderate severity (CVSS 3.1 base score of 6.5) stems from the requirement of a local attacker with low privileges, but its impact on availability is high. Major distributions like Debian, Ubuntu, and SUSE have confirmed the vulnerability and are actively deploying patches . The fix, a simple check for assoclen < 8, was backported to stable kernel trees, highlighting the importance of rigorous input validation in core cryptographic functions.

Exploit

The core of the vulnerability is the lack of input validation. By triggering a cryptographic operation that uses the `authencesn` algorithm with a crafted, undersized AAD, an attacker can cause a kernel panic.
A conceptual snippet of the vulnerable code flow and the fix is shown below:

// File: crypto/authencesn.c
// Vulnerable code (before patch)
static int crypto_authenc_esn_decrypt(struct aead_request req)
{
// ... (variable declarations)
unsigned int authsize = crypto_aead_authsize(tfm);
struct authenc_esn_request_ctx areq_ctx = aead_request_ctx(req);
u8 tmp = areq_ctx->tail;
int err;
unsigned int assoclen = req->assoclen;
// VULNERABILITY: No check for minimum assoclen (which should be >= 8 for ESP/ESN)
// ... code proceeds, using assoclen to calculate pointers into scatterlists
scatterwalk_map_and_copy(tmp, req->dst, 0, assoclen + authsize, 1);
// ... further operations that can lead to OOB access and NULL dereference
}
// Fixed code (after patch)
static int crypto_authenc_esn_decrypt(struct aead_request req)
{
// ... (variable declarations)
unsigned int authsize = crypto_aead_authsize(tfm);
struct authenc_esn_request_ctx areq_ctx = aead_request_ctx(req);
u8 tmp = areq_ctx->tail;
int err;
unsigned int assoclen = req->assoclen;
// FIX: Explicitly reject any AAD that is shorter than the minimum ESP/ESN length
if (assoclen < 8)
return -EINVAL; // Fail fast with an invalid argument error
// ... rest of the function continues safely
scatterwalk_map_and_copy(tmp, req->dst, 0, assoclen + authsize, 1);
// ...
}

Protection from this CVE

The primary and most effective protection is to apply the official kernel patch provided by your Linux distribution.

For Debian/Ubuntu systems, update the kernel package:

Update package list and upgrade the kernel
sudo apt update
sudo apt upgrade linux-image-$(uname -r)
Reboot the system to load the new kernel
sudo reboot
Verify the new kernel version is running (should be a fixed version, e.g., 5.10.249-1 for Debian bullseye)
uname -r

For RHEL/CentOS/Fedora systems:

Update the kernel package
sudo dnf update kernel
Reboot the system
sudo reboot
Verify the new kernel version
uname -r

As a temporary workaround, if the `authencesn` algorithm is not required, it could be blacklisted, though this is not recommended as it might break legitimate functionality.

Impact

Successful exploitation of this vulnerability leads to a kernel panic, resulting in an immediate system crash and a denial of service. This can disrupt critical services, cause data loss for unsaved work, and require manual intervention to reboot the affected machine. While it does not lead to privilege escalation or data theft, its availability impact is significant, making it a stability risk for systems handling IPsec traffic with Extended Sequence Numbers .

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top