CVE-2026-43044 Overview
CVE-2026-43044 is a memory corruption vulnerability in the Linux kernel's Cryptographic Acceleration and Assurance Module (CAAM) driver. The flaw resides in the HMAC key handling logic of the crypto/caam subsystem. When userspace supplies an HMAC key longer than the underlying hash block size, the driver allocates a buffer, copies the key into it, and hashes it down to the key that is actually used. The allocation size was intended to be rounded up to DMA cache alignment, but the rounded value was never applied to the actual allocation. The resulting undersized buffer allows the hashed key write to corrupt adjacent kernel memory.
Critical Impact
A local user with access to the kernel crypto API can trigger DMA-driven memory corruption in adjacent kernel allocations, potentially leading to privilege escalation or system compromise.
Affected Products
- Linux kernel versions containing the crypto/caam HMAC key handling logic prior to the fix
- Systems using NXP/Freescale CAAM cryptographic hardware acceleration
- Distributions shipping vulnerable kernel builds across multiple stable branches
Discovery Timeline
- 2026-05-01 - CVE-2026-43044 published to NVD
- 2026-05-03 - Last updated in NVD database
Technical Details for CVE-2026-43044
Vulnerability Analysis
The Linux kernel CAAM driver implements HMAC operations using NXP cryptographic acceleration hardware. HMAC requires keys to be no longer than the underlying hash algorithm's block size. When a longer key is supplied, the driver hashes it down to the block size before use.
To perform this reduction, the driver duplicates the user-supplied key into a kernel buffer, then runs the hash operation against it. Because the resulting buffer is consumed by DMA hardware, its allocation must be aligned and sized to DMA cache line boundaries to prevent cache coherency artifacts from corrupting neighboring allocations.
The code computed a properly rounded size value but passed the original unrounded size to the allocator. The allocator returned a buffer too small to safely receive the DMA-written hashed key, allowing writes to overflow into adjacent kernel heap memory.
Root Cause
The defect originated in the use of kmemdup, which allocates and copies in a single step using the original key length rather than the DMA-aligned length. The fix replaces kmemdup with a kmalloc call sized to the rounded length, followed by an explicit memcpy of the original key contents. This ensures the allocation matches the size required for safe DMA cache line operations.
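A simplified userspace model of the allocation bug and its fix, added here as an illustration and not taken from the kernel source. It assumes back-to-back allocations (no slab size classes) and a DMA-side step that touches whole 64-byte cache lines; `toy_alloc`, `toy_dma_step` and `setkey_model` are names invented for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CACHE_LINE 64u   /* assumed DMA cache alignment for this model */
#define ALIGN_UP(n, a) (((n) + (a) - 1) / (a) * (a))
#define NEIGHBOUR_LEN 64u

/* Toy slab: objects are carved back to back from one arena, so the object
 * allocated after the key buffer stands in for the adjacent kernel object. */
static uint8_t arena[1024];
static size_t arena_used;

static uint8_t *toy_alloc(size_t len)
{
    uint8_t *p = &arena[arena_used];
    arena_used += len;
    return p;
}

/* Model assumption: the DMA-side step works on whole cache lines, so it
 * touches ALIGN_UP(keylen, CACHE_LINE) bytes starting at the buffer. */
static void toy_dma_step(uint8_t *buf, size_t keylen)
{
    memset(buf, 0xAA, ALIGN_UP(keylen, CACHE_LINE));
}

/* Returns how many bytes of the neighbouring object were overwritten.
 * fixed == 0: allocation sized like kmemdup(key, keylen)
 * fixed != 0: allocation sized like kmalloc(aligned_len) + memcpy(keylen) */
size_t setkey_model(const uint8_t *key, size_t keylen, int fixed)
{
    size_t aligned_len = ALIGN_UP(keylen, CACHE_LINE);
    size_t i, clobbered = 0;
    uint8_t *hashed_key, *neighbour;

    if (aligned_len + NEIGHBOUR_LEN > sizeof(arena))
        return (size_t)-1;                 /* outside the model's range */
    arena_used = 0;
    hashed_key = toy_alloc(fixed ? aligned_len : keylen);
    memcpy(hashed_key, key, keylen);       /* only keylen bytes are copied */
    neighbour = toy_alloc(NEIGHBOUR_LEN);
    memset(neighbour, 0x11, NEIGHBOUR_LEN);

    toy_dma_step(hashed_key, keylen);
    for (i = 0; i < NEIGHBOUR_LEN; i++)
        clobbered += neighbour[i] != 0x11;
    return clobbered;
}
```

With a 200-byte key, the kmemdup-sized buffer leaves 56 bytes of its final cache line inside the neighbouring object, while the allocation sized to the rounded length leaves none.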
Attack Vector
Exploitation requires local access and the ability to invoke the kernel crypto API, typically through AF_ALG sockets or in-kernel consumers that accept user-controlled HMAC key material. An attacker submits an HMAC key longer than the algorithm's block size, triggering the undersized allocation. The subsequent hash output then writes beyond the intended buffer, corrupting whatever kernel object happens to occupy the adjacent slab region. Skilled exploitation of slab-adjacent corruption can lead to privilege escalation. Refer to the upstream commits, including commit 5ddfdcbe10dc and commit 68feed135a0c, for the corrected allocation logic.
Detection Methods for CVE-2026-43044
Indicators of Compromise
- Unexpected kernel oops, panics, or SLUB/SLAB corruption messages in dmesg referencing CAAM HMAC code paths
- KASAN reports of out-of-bounds writes adjacent to allocations made by caam_hash or ahash_setkey
- Processes invoking AF_ALG HMAC operations with abnormally long keys on CAAM-equipped hardware
Detection Strategies
- Enable KASAN on test or canary systems to catch the out-of-bounds write at the source allocation
- Audit kernel logs for slab corruption signatures correlated with crypto subsystem activity
- Inventory hosts running on NXP/Freescale CAAM-capable platforms (i.MX, QorIQ, Layerscape) to scope exposure
Monitoring Recommendations
- Forward dmesg and kernel audit events to a centralized logging pipeline for correlation
- Alert on unprivileged processes opening AF_ALG sockets with HMAC algorithms and large key payloads
- Track kernel version inventory across the fleet to confirm patched builds reach all CAAM-equipped systems
How to Mitigate CVE-2026-43044
Immediate Actions Required
- Apply the upstream Linux kernel patches referenced in the stable tree commits and rebuild affected kernels
- Prioritize patching on systems exposed to untrusted local users or running multi-tenant workloads
- Restrict access to the kernel crypto API where feasible by limiting AF_ALG socket creation through sandboxing or seccomp policies
Patch Information
The fix is distributed across multiple stable kernel branches. The corrective change replaces the kmemdup call with a kmalloc of DMA-aligned size followed by memcpy. See the merged commits: 5ddfdcbe10dc, 68feed135a0c, a7ecf06d3ee0, c0c133e0225d, and f2af8be110bd.
Workarounds
- Disable the CAAM HMAC algorithms via crypto API priority configuration where software fallbacks are acceptable
- Block userspace access to AF_ALG sockets using seccomp filters or by removing the algif_hash module
- Limit local shell access on CAAM-equipped systems until kernel updates can be deployed
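# Configuration example: block algif_hash to remove userspace HMAC access
# "blacklist" only stops alias-based autoloading; the "install" line makes
# on-demand loading of the module by name fail as well
printf 'blacklist algif_hash\ninstall algif_hash /bin/false\n' | sudo tee /etc/modprobe.d/blacklist-algif_hash.conf
sudo rmmod algif_hash 2>/dev/null || true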
# Verify CAAM driver and kernel version after patching
uname -r
dmesg | grep -i caam
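One way to implement the seccomp workaround listed above, as an added example rather than code from the kernel project or this advisory: a filter that makes socket(AF_ALG, ...) fail with EPERM on x86_64 and aarch64. The function names and the choice of EPERM are this example's assumptions.

```c
#include <errno.h>
#include <stddef.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <unistd.h>

#if defined(__x86_64__)
#define NATIVE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define NATIVE_ARCH AUDIT_ARCH_AARCH64
#else
#error "set NATIVE_ARCH to this platform's AUDIT_ARCH_* value"
#endif
#define FIELD(f) BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, f))
#define RET(v)   BPF_STMT(BPF_RET | BPF_K, (v))

/* Make socket(AF_ALG, ...) fail with EPERM for this process and its children. */
int deny_af_alg(void)
{
    struct sock_filter f[] = {
        FIELD(arch),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 0, 2),
        FIELD(nr),
        BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, 0x40000000, 0, 1), /* x32 ABI bit */
        RET(SECCOMP_RET_KILL_PROCESS),      /* foreign ABI: refuse outright */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_socket, 0, 3),
        FIELD(args[0]),                     /* low 32 bits hold the family */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AF_ALG, 0, 1),
        RET(SECCOMP_RET_ERRNO | EPERM),
        RET(SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { .len = sizeof(f) / sizeof(f[0]), .filter = f };

    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Self-check: 1 if AF_ALG socket creation is refused with EPERM, else 0. */
int af_alg_is_denied(void)
{
    int fd = socket(AF_ALG, SOCK_SEQPACKET, 0);
    if (fd >= 0) { close(fd); return 0; }
    return errno == EPERM;
}
```

Call `deny_af_alg()` before the sandboxed workload starts; the filter is inherited across fork and execve. It covers only the socket() system call, so where the workload can use io_uring, restrict that as well.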


