Cyber Resilience

CVE-2026-43033

Severity: High
Published: 01 May 2026
Modified: 08 May 2026
KEV Added: not listed
Patch: available (see the commit references under Deeper analysis)
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0001 (3.6th percentile)
Risk Priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-43033 is a high-severity vulnerability in the Linux kernel (vendor: Linux, product: Linux Kernel); no CWE has been assigned, so the weakness type is unspecified. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It is ranked at the 3.6th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2026-43033 is a vulnerability in the Linux kernel's crypto/authencesn subsystem. During out-of-place decryption, where the source and destination buffers differ (src != dst), the code unnecessarily places the high-order sequence bits (hiseq) at the end of the destination buffer. Those bits could simply be re-copied from the source, but the data to be hashed must then be rearranged accordingly; the fix makes that change so that the destination buffer is no longer written beyond the decrypted data.

A local attacker with low privileges (PR:L) can exploit this vulnerability with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation has high impact on confidentiality, integrity, and availability (C:H/I:H/A:H), as reflected in the CVSS v3.1 base score of 7.8. The attack vector is local (AV:L) and the scope is unchanged (S:U), so the effect is disruption or compromise of authencesn cryptographic operations on the affected system itself.

Mitigation is available through patches merged into Linux kernel stable branches, as documented in the following commit references: https://git.kernel.org/stable/c/153d5520c3f9fd62e71c7e7f9e34b59cf411e555, https://git.kernel.org/stable/c/5466e7d0cd9e4f9cef9d8f18f18b60e7bc1c77e5, https://git.kernel.org/stable/c/89fe118b6470119b20c04afc36e45b81a69ea11f, https://git.kernel.org/stable/c/8c62f618576519dbed6816fafc623ce592953025, and https://git.kernel.org/stable/c/cded4002d22177e8deaca1f257ecd932c9582b6b. Security practitioners should update to kernels incorporating these fixes.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption. When decrypting data that is not in-place (src != dst), there is no need to save the high-order sequence bits in dst as it could simply be re-copied from the source. However, the data to be hashed need to be rearranged accordingly. Thanks,

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local low-privileged kernel vulnerability in crypto/authencesn with high C/I/A impact enables exploitation for privilege escalation via memory corruption or incorrect crypto handling.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-71152: same product (Linux Linux Kernel)
CVE-2026-23111: same product (Linux Linux Kernel)
CVE-2026-31530: same product (Linux Linux Kernel)
CVE-2026-23387: same product (Linux Linux Kernel)
CVE-2025-21856: same product (Linux Linux Kernel)
CVE-2025-21727: same product (Linux Linux Kernel)
CVE-2026-23275: same product (Linux Linux Kernel)
CVE-2026-31401: same product (Linux Linux Kernel)
CVE-2024-57980: same product (Linux Linux Kernel)
CVE-2026-23437: same product (Linux Linux Kernel)

Affected Assets

Vendor: linux
Product: linux kernel
Affected versions: 7.0; 4.3 through 5.10.254; 5.11 through 5.15.204; 5.16 through 6.1.170

Mitigating Controls (NIST 800-53 r5; AI-generated mapping)

Prevent (SI-2, Flaw Remediation): Directly requires identification, reporting, and correction of flaws like CVE-2026-43033 through timely patching of the Linux kernel's crypto/authencesn subsystem.

Detect (control identifier not shown on this page): Ensures receipt and dissemination of security alerts and advisories about kernel vulnerabilities such as CVE-2026-43033, enabling proactive remediation.

Detect (RA-5, Vulnerability Monitoring and Scanning): Provides vulnerability scanning and monitoring to identify known flaws like CVE-2026-43033 in the Linux kernel crypto operations.

References