CVE-2026-43033 Overview
CVE-2026-43033 is a Linux kernel vulnerability in the crypto/authencesn module. The flaw involves how the kernel handles the high-order sequence number (hiseq) during out-of-place decryption operations where the source and destination buffers differ. The kernel incorrectly placed hiseq at the end of the destination buffer instead of re-copying it from the source, and the data to be hashed was not rearranged accordingly. This impacts the Encapsulating Security Payload (ESP) authenticated encryption path used by IPsec.
Critical Impact
A local low-privileged attacker can leverage flaws in the authenticated encryption path to compromise confidentiality, integrity, and availability of the affected Linux system.
Affected Products
- Linux kernel crypto/authencesn subsystem
- Linux distributions shipping vulnerable mainline and stable kernels prior to the referenced fixes
- Systems using IPsec ESP with extended sequence numbers (ESN) and authenticated encryption modes
Discovery Timeline
- 2026-05-01 - CVE-2026-43033 published to NVD
- 2026-05-03 - Last updated in NVD database
Technical Details for CVE-2026-43033
Vulnerability Analysis
The vulnerability resides in the authencesn template, which combines authentication and encryption with extended sequence numbers for IPsec ESP. During decryption, the kernel must process the 64-bit sequence number where the high-order 32 bits (hiseq) are appended for authentication purposes but are not part of the ciphertext payload itself.
When decryption is performed in-place (src == dst), placing hiseq at the end of the destination buffer is acceptable because source and destination share memory. When decryption is out-of-place (src != dst), the kernel still wrote hiseq at the end of dst, even though the value should simply be re-copied from src. The data layout used as input to the hash computation was not rearranged to match this difference, leading to inconsistent buffer state during cryptographic verification.
Root Cause
The root cause is improper handling of buffer layout in the out-of-place decryption code path of authencesn. The implementation did not differentiate between in-place and out-of-place operations when staging the high-order sequence bits and assembling the data fed into the hash function, producing mismatched buffer contents that the kernel cryptographic verification logic operated on.
Attack Vector
Exploitation requires local access with low privileges and no user interaction. An attacker able to trigger crafted ESP/ESN-protected traffic processing or invoke the AF_ALG socket interface to reach the authencesn template can exercise the affected code path. The flaw can lead to memory corruption affecting confidentiality, integrity, and availability within the kernel.
No verified public proof-of-concept code is available. Refer to the upstream patches for the precise fix logic.
Detection Methods for CVE-2026-43033
Indicators of Compromise
- Unexpected kernel oops or crashes referencing authencesn, crypto_authenc_esn, or related ESP/IPsec call stacks
- Anomalous IPsec ESN authentication failures coinciding with kernel cryptographic subsystem errors
- Unprivileged processes interacting with the AF_ALG socket family to instantiate authencesn transforms outside expected workloads
Detection Strategies
- Inventory running kernel versions across Linux fleets and compare against the upstream stable trees referenced by the kernel patches
- Audit /proc/crypto for the presence of authencesn and correlate with workloads that legitimately require it
- Monitor auditd and eBPF-based telemetry for socket(AF_ALG, ...) calls binding to authencesn from unexpected user contexts
Monitoring Recommendations
- Forward kernel ring buffer (dmesg) and journald records to a central log store and alert on crypto subsystem errors
- Track IPsec daemon logs (strongSwan, libreswan) for repeated ESN integrity check failures
- Subscribe to distribution security trackers to receive backport notifications for the listed kernel commits
How to Mitigate CVE-2026-43033
Immediate Actions Required
- Apply the vendor-provided kernel update containing one of the upstream commits as soon as it is available for your distribution
- Restrict access to the AF_ALG socket interface using seccomp, SELinux, or AppArmor policies on systems that do not require user-space crypto access
- Limit local shell access on multi-tenant Linux hosts to reduce exposure to local attack vectors
Patch Information
The issue is fixed by the following upstream Linux kernel commits: Kernel Patch 153d552, Kernel Patch 5466e7d, Kernel Patch 89fe118, Kernel Patch 8c62f61, Kernel Patch cded400, Kernel Patch d0c4ff6, Kernel Patch d589abd, and Kernel Patch e024941. The fix ensures hiseq is re-copied from the source on out-of-place decryption and rearranges the hashed data layout accordingly.
Workarounds
- Disable or avoid IPsec ESP configurations that negotiate extended sequence numbers with authencesn until the patch is applied
- Block the loading of the authenc_esn kernel module on systems that do not require IPsec ESN with modprobe blacklisting where operationally feasible
- Constrain unprivileged user namespaces and AF_ALG availability to reduce the local attack surface
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
