CVE-2026-46077
crypto: atmel-tdes - fix DMA sync direction
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, ->dma_addr_out must be synced with dma_sync_single_for_cpu() instead of dma_sync_single_for_device(). Using the wrong direction can return stale cache data on non-coherent platforms.
INFO
Published Date :
May 27, 2026, 2:17 p.m.
Last Modified :
June 1, 2026, 5:17 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Update the Linux kernel.
- Apply the crypto: atmel-tdes patch.
- Ensure DMA sync is correctly configured.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2026-46077.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2026-46077 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2026-46077
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-46077 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2026-46077 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Jun. 01, 2026
Action Type Old Value New Value Added Reference https://git.kernel.org/stable/c/b9b28f3881dd514e74f98ae04e79a635022a4804 Added Reference https://git.kernel.org/stable/c/c0f3002c02a3a83250e25582ffbe8df7eb78a8bd Added Reference https://git.kernel.org/stable/c/ce3224678acb8c0b3473daa7d7dbffc998c6951a -
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 27, 2026
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, ->dma_addr_out must be synced with dma_sync_single_for_cpu() instead of dma_sync_single_for_device(). Using the wrong direction can return stale cache data on non-coherent platforms. Added Reference https://git.kernel.org/stable/c/12a0adfe498cd5d87e6365d7ca5f6b3eed79e523 Added Reference https://git.kernel.org/stable/c/5281e6e2302362f6b75b70cbfe4098d2a25dafd9 Added Reference https://git.kernel.org/stable/c/863d11b3927703ad95077c81a8a6489c5c7872f7 Added Reference https://git.kernel.org/stable/c/b5f5df801d161ba244f391519cbff2f4e5c6edc2 Added Reference https://git.kernel.org/stable/c/c8a9a647532f5c2a04180352693215e24e9dba03