Home / Vulnerability Intelligence / CVE-2026-31739

CVE-2026-31739 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: May 3, 2026

Linux kernel tegra - Denial of Service

Published: May 1, 2026Updated: May 3, 2026Remote Exploitable

Overview

Linux kernel tegra crypto driver contains a misconfiguration caused by missing CRYPTO_ALG_ASYNC flag on asynchronous algorithms, letting users requesting synchronous algorithms cause crashes, exploit requires usage of crypto API with incorrect algorithm flags.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Users requesting synchronous algorithms may cause system crashes due to incorrect algorithm selection.

Mitigation

Update to the latest Linux kernel version containing the fix for CRYPTO_ALG_ASYNC flag.

References

https://git.kernel.org/stable/c/bdbf027a4504b4a86740de6beb6d18a957331839
https://git.kernel.org/stable/c/3aea268b6d5cde3b087df9eeecc3bc620aa09513
https://git.kernel.org/stable/c/429d05565eb19ee545d8a8395991372adbe4daf3
https://git.kernel.org/stable/c/4b56770d345524fc2acc143a2b85539cf7d74bc1

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-31739
Severity: High
CVSS Score: 8.8
Type: misconfiguration
Status: unconfirmed

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H