Primary

Context

Linux Kernel Tegra Crypto Driver CRYPTO_ALG_ASYNC Vulnerability

Vulnerability

Patched

A vulnerability in the Tegra crypto driver of the Linux kernel was introduced by not properly setting the CRYPTO_ALG_ASYNC flag for asynchronous algorithms. This oversight led the crypto API to incorrectly select these algorithms for users requesting only synchronous ones, causing crashes. The issue has been addressed by adding the missing flag, aligning the driver with the correct behavior of others. Additionally, unnecessary CRYPTO_ALG_TYPE_* flags were removed, as they were ignored and overwritten by the registration function.

Impact

The absence of the CRYPTO_ALG_ASYNC flag on asynchronous algorithms in the Tegra crypto driver caused crashes by misaligning algorithm availability with user requests.

Remediation

Users can apply the latest patch available in the Linux kernel stable tree to address this vulnerability.

Added: May 1, 2026, 4:48 PM

Updated: May 1, 2026, 4:48 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

7.7

relevance

7.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

7.7

relevance

7.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Tegra Crypto Driver CRYPTO_ALG_ASYNC Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating