Copyright © 2012 Red Hat, Inc. All rights reserved. Low 2026-04-25T00:00:00 kernel: crypto: af_alg - limit RX SG extraction by receive buffer budget 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CWE-770

A flaw was found in the Linux kernel's `af_alg` (Algorithm Interface) component. This vulnerability allows a local attacker to cause a denial of service (DoS) by sending specially crafted requests. The `af_alg_get_rsgl()` function fails to properly limit the extraction of receive scatterlist (RX SG) data based on the available receive buffer, leading to the rejection of `recvmsg` calls and preventing further data processing.

Red Hat Enterprise Linux 10 Fix deferred kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Fix deferred kernel Red Hat Enterprise Linux 8 Fix deferred kernel-rt Red Hat Enterprise Linux 9 Fix deferred kernel Red Hat Enterprise Linux 9 Fix deferred kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-31677 https://nvd.nist.gov/vuln/detail/CVE-2026-31677 https://lore.kernel.org/linux-cve-announce/2026042544-CVE-2026-31677-1a29@gregkh/T