CVE-2026-46019

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup atmel_aes_buff_init() allocates 4 pages using __get_free_pages() with ATMEL_AES_BUFFER_ORDER, but atmel_aes_buff_cleanup() frees only the first page using free_page(), leaking the remaining 3 pages. Use free_pages() with ATMEL_AES_BUFFER_ORDER to fix the memory leak.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/03e00aafa5f747d07811589e8d5fee638245431b	Patch
https://git.kernel.org/stable/c/230ad8a78fe67266b1ba4685da1abdd61471c5b8	Patch
https://git.kernel.org/stable/c/3fcfff4ed35f963380a68741bcd52742baff7f76	Patch
https://git.kernel.org/stable/c/5ad40cde96d603a88d68f8ed59f6d36407ab1f3c	Patch
https://git.kernel.org/stable/c/61516b4a5b2647dc3f8f67b5dffaf038be997511	Patch
https://git.kernel.org/stable/c/65b3589d39d05699c3850202f8333e5361033ea3	Patch
https://git.kernel.org/stable/c/b63f1e2f0e319ad3fe4a58eb3db4fd50cc98baca	Patch
https://git.kernel.org/stable/c/de6952e0af2acbada900d742437e848285c01d11	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

16 Jun 2026, 15:23

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/03e00aafa5f747d07811589e8d5fee638245431b -~~	() https://git.kernel.org/stable/c/03e00aafa5f747d07811589e8d5fee638245431b - Patch
References	~~() https://git.kernel.org/stable/c/230ad8a78fe67266b1ba4685da1abdd61471c5b8 -~~	() https://git.kernel.org/stable/c/230ad8a78fe67266b1ba4685da1abdd61471c5b8 - Patch
References	~~() https://git.kernel.org/stable/c/3fcfff4ed35f963380a68741bcd52742baff7f76 -~~	() https://git.kernel.org/stable/c/3fcfff4ed35f963380a68741bcd52742baff7f76 - Patch
References	~~() https://git.kernel.org/stable/c/5ad40cde96d603a88d68f8ed59f6d36407ab1f3c -~~	() https://git.kernel.org/stable/c/5ad40cde96d603a88d68f8ed59f6d36407ab1f3c - Patch
References	~~() https://git.kernel.org/stable/c/61516b4a5b2647dc3f8f67b5dffaf038be997511 -~~	() https://git.kernel.org/stable/c/61516b4a5b2647dc3f8f67b5dffaf038be997511 - Patch
References	~~() https://git.kernel.org/stable/c/65b3589d39d05699c3850202f8333e5361033ea3 -~~	() https://git.kernel.org/stable/c/65b3589d39d05699c3850202f8333e5361033ea3 - Patch
References	~~() https://git.kernel.org/stable/c/b63f1e2f0e319ad3fe4a58eb3db4fd50cc98baca -~~	() https://git.kernel.org/stable/c/b63f1e2f0e319ad3fe4a58eb3db4fd50cc98baca - Patch
References	~~() https://git.kernel.org/stable/c/de6952e0af2acbada900d742437e848285c01d11 -~~	() https://git.kernel.org/stable/c/de6952e0af2acbada900d742437e848285c01d11 - Patch
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-401

01 Jun 2026, 17:17

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/03e00aafa5f747d07811589e8d5fee638245431b - () https://git.kernel.org/stable/c/5ad40cde96d603a88d68f8ed59f6d36407ab1f3c - () https://git.kernel.org/stable/c/de6952e0af2acbada900d742437e848285c01d11 -

27 May 2026, 14:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-27 14:17

Updated : 2026-06-17 10:52

NVD link : CVE-2026-46019

Mitre link : CVE-2026-46019

CVE.ORG link : CVE-2026-46019

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10