Linux Kernel Crypto Subsystem algif_aead Decryption Buffer Size Vulnerability

Vulnerability

A vulnerability in the algif_aead module of the Linux kernel's crypto subsystem has been addressed. During decryption, the check on the minimum receive buffer size did not account for the size of the authentication tag. This oversight could lead to incorrect buffer management during decryption operations. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability could lead to improper decryption handling, with decryption errors or buffer management issues that could potentially be exploited in certain scenarios.

Reproduction

The vulnerability can be reproduced by using the algif_aead crypto interface for authenticated encryption with associated data (AEAD) algorithms. During the decryption process, the minimum receive buffer size check fails to consider the size of the authentication tag, which could lead to buffer underflows or other memory management issues. This can be observed by sending a ciphertext that requires a larger buffer than what is allocated, without the proper tag size being accounted for.
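The size accounting that the check has to get right, as an added example (a userspace model written for this page, not the kernel's code or the fix commit). It assumes the AF_ALG AEAD layout in which decryption input is AAD || ciphertext || tag and output is AAD || plaintext; the struct and function names are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical request descriptor; names are illustrative, not kernel symbols. */
struct aead_req_sizes {
    int    decrypt;   /* 0 = encrypt, 1 = decrypt */
    size_t in_len;    /* bytes sent: AAD || payload (|| tag when decrypting) */
    size_t aad_len;   /* associated data length */
    size_t tag_len;   /* authentication tag length (authsize) */
};

/* Minimum receive buffer for one AEAD operation, or -EINVAL if malformed.
 * Assumed layout: encrypt output = AAD || ciphertext || tag (in_len + tag_len),
 *                 decrypt output = AAD || plaintext         (in_len - tag_len). */
int aead_min_rx_len(const struct aead_req_sizes *r, size_t *out_len)
{
    if (r->aad_len > r->in_len)
        return -EINVAL;                 /* AAD cannot exceed the input */
    if (r->decrypt) {
        if (r->in_len - r->aad_len < r->tag_len)
            return -EINVAL;             /* no room for the tag after the AAD */
        *out_len = r->in_len - r->tag_len;
    } else {
        if (r->in_len > SIZE_MAX - r->tag_len)
            return -EINVAL;             /* in_len + tag_len would overflow */
        *out_len = r->in_len + r->tag_len;
    }
    return 0;
}

/* Return 1 if rx_len can hold the full result, 0 otherwise (or if malformed). */
int aead_rx_buffer_ok(const struct aead_req_sizes *r, size_t rx_len)
{
    size_t need;
    return aead_min_rx_len(r, &need) == 0 && rx_len >= need;
}

int main(void)
{
    /* Constructed sample: 16-byte AAD, 64-byte ciphertext, 16-byte tag. */
    struct aead_req_sizes dec = { 1, 16 + 64 + 16, 16, 16 };
    size_t need = 0;
    int rc = aead_min_rx_len(&dec, &need);
    printf("rc=%d need=%zu ok(80)=%d ok(79)=%d\n", rc, need,
           aead_rx_buffer_ok(&dec, 80), aead_rx_buffer_ok(&dec, 79));
    return 0;
}
```

A caller that sizes its receive buffer with this check before reading from the socket does not depend on the kernel-side minimum-size check to catch a short buffer.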

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The specific commit addressing this issue is available in the Linux kernel stable repository.

Added: May 6, 2026, 11:05 AM
Updated: May 6, 2026, 11:05 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 7.6
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.