Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Page Reassignment Overflow Vulnerability in af_alg Component

Vulnerability

A vulnerability has been identified in the Linux kernel's af_alg component, specifically within the page reassignment process of the af_alg_pull_tsgl function. This issue arises because the original loop handling page reassignment was not properly updated, leading to the potential reassignment of one extra page than necessary. The vulnerability is present in the Linux kernel stable tree.

Impact

The vulnerability could cause a page reassignment overflow, where more pages are reassigned than intended, potentially leading to memory management issues.

Reproduction

The vulnerability can be reproduced by invoking the af_alg_pull_tsgl function with a scatterlist destination that has been prepared to receive pages. The function will incorrectly reassign pages, potentially causing a buffer overflow by exceeding the expected number of pages.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: May 6, 2026, 11:08 AM
Updated: May 6, 2026, 11:08 AM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
4.3
remediation
7.7
relevance
7.7
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.