CVE-2026-46019
crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup atmel_aes_buff_init() allocates 4 pages using __get_free_pages() with ATMEL_AES_BUFFER_ORDER, but atmel_aes_buff_cleanup() frees only the first page using free_page(), leaking the remaining 3 pages. Use free_pages() with ATMEL_AES_BUFFER_ORDER to fix the memory leak.
INFO
Published Date :
May 27, 2026, 2:17 p.m.
Last Modified :
June 1, 2026, 5:17 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Free allocated pages using free_pages().
- Ensure correct page order is used for freeing.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2026-46019.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2026-46019 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2026-46019
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-46019 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2026-46019 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Jun. 01, 2026
Action Type Old Value New Value Added Reference https://git.kernel.org/stable/c/03e00aafa5f747d07811589e8d5fee638245431b Added Reference https://git.kernel.org/stable/c/5ad40cde96d603a88d68f8ed59f6d36407ab1f3c Added Reference https://git.kernel.org/stable/c/de6952e0af2acbada900d742437e848285c01d11 -
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 27, 2026
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup atmel_aes_buff_init() allocates 4 pages using __get_free_pages() with ATMEL_AES_BUFFER_ORDER, but atmel_aes_buff_cleanup() frees only the first page using free_page(), leaking the remaining 3 pages. Use free_pages() with ATMEL_AES_BUFFER_ORDER to fix the memory leak. Added Reference https://git.kernel.org/stable/c/230ad8a78fe67266b1ba4685da1abdd61471c5b8 Added Reference https://git.kernel.org/stable/c/3fcfff4ed35f963380a68741bcd52742baff7f76 Added Reference https://git.kernel.org/stable/c/61516b4a5b2647dc3f8f67b5dffaf038be997511 Added Reference https://git.kernel.org/stable/c/65b3589d39d05699c3850202f8333e5361033ea3 Added Reference https://git.kernel.org/stable/c/b63f1e2f0e319ad3fe4a58eb3db4fd50cc98baca