HIGHCVE-2026-31739Published Modified CNA Linux
CVE-2026-31739: crypto: tegra - Add missing CRYPTO_ALG_ASYNC
In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - Add missing CRYPTO_ALG_ASYNC The tegra crypto driver failed to set the CRYPTO_ALG_ASYNC on its asynchronous algorithms, causing the crypto API to select them for users that request only synchronous algorithms. This causes crashes (at least). Fix this by adding the flag like what the other drivers do. Also remove the unnecessary CRYPTO_ALG_TYPE_* flags, since those just get ignored and overridden by the registration function anyway.
Metrics
- CVSS v3.1
- 8.8
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
03aea268b6d5cde3b087df9eeecc3bc620aa09513429d05565eb19ee545d8a8395991372adbe4daf34b56770d345524fc2acc143a2b85539cf7d74bc16.12.816.18.226.19.127.0bdbf027a4504b4a86740de6beb6d18a957331839
Affected packages
- Linux / Linux< bdbf027a4504b4a86740de6beb6d18a957331839 (from 0880bb3b00c855fc244b7177ffdaafef4d0aa1e0) · < 3aea268b6d5cde3b087df9eeecc3bc620aa09513 (from 0880bb3b00c855fc244b7177ffdaafef4d0aa1e0) · < 429d05565eb19ee545d8a8395991372adbe4daf3 (from 0880bb3b00c855fc244b7177ffdaafef4d0aa1e0) · < 4b56770d345524fc2acc143a2b85539cf7d74bc1 (from 0880bb3b00c855fc244b7177ffdaafef4d0aa1e0)
- Linux / Linux6.10Fixed in 0, 6.12.81, 6.18.22, 6.19.12, 7.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H