CVE-2026-46019

medium

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup atmel_aes_buff_init() allocates 4 pages using __get_free_pages() with ATMEL_AES_BUFFER_ORDER, but atmel_aes_buff_cleanup() frees only the first page using free_page(), leaking the remaining 3 pages. Use free_pages() with ATMEL_AES_BUFFER_ORDER to fix the memory leak.

References

https://git.kernel.org/stable/c/b63f1e2f0e319ad3fe4a58eb3db4fd50cc98baca

https://git.kernel.org/stable/c/65b3589d39d05699c3850202f8333e5361033ea3

https://git.kernel.org/stable/c/61516b4a5b2647dc3f8f67b5dffaf038be997511

https://git.kernel.org/stable/c/3fcfff4ed35f963380a68741bcd52742baff7f76

https://git.kernel.org/stable/c/230ad8a78fe67266b1ba4685da1abdd61471c5b8

Details

Source: Mitre, NVD

Published: 2026-05-27

Updated: 2026-05-27

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018