CVE-2026-31739HIGH 8.8EPSS p33.0%

CVE-2026-31739CVE-2026-31739

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - Add missing CRYPTO_ALG_ASYNC The tegra crypto driver failed to set the CRYPTO_ALG_ASYNC on its asynchronous algorithms, causing the crypto API to select them for users that request only synchronous algorithms. This causes crashes (at least). Fix this by adding the flag like what the other drivers do. Also remove the unnecessary CRYPTO_ALG_TYPE_* flags, since those just get ignored and overridden by the registration function anyway.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.41% probability of exploitation · percentile 33.0% · 2026-06-18T12:00:27Z
Published2026-05-01
Last modified2026-05-07

Underlying weaknesses· 1

CWE-617

References

  1. https://git.kernel.org/stable/c/3aea268b6d5cde3b087df9eeecc3bc620aa09513
  2. https://git.kernel.org/stable/c/429d05565eb19ee545d8a8395991372adbe4daf3
  3. https://git.kernel.org/stable/c/4b56770d345524fc2acc143a2b85539cf7d74bc1
  4. https://git.kernel.org/stable/c/bdbf027a4504b4a86740de6beb6d18a957331839

1

TypeTargetConfidenceTier
WeaknessReachable Assertioncwe-6170%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-31533
CVE
CVE-2026-45986
CVE
CVE-2025-21739
CVE
CVE-2026-31627
CVE
CVE-2026-46291
CVE
CVE-2026-31583
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.