CVE-2026-31739

Source
https://cve.org/CVERecord?id=CVE-2026-31739
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31739.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-31739
Downstream
Published
2026-05-01T14:14:35.551Z
Modified
2026-07-15T01:49:14.301968841Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
crypto: tegra - Add missing CRYPTO_ALG_ASYNC
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: tegra - Add missing CRYPTOALGASYNC

The tegra crypto driver failed to set the CRYPTOALGASYNC on its asynchronous algorithms, causing the crypto API to select them for users that request only synchronous algorithms. This causes crashes (at least). Fix this by adding the flag like what the other drivers do. Also remove the unnecessary CRYPTOALGTYPE_* flags, since those just get ignored and overridden by the registration function anyway.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31739.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0880bb3b00c855fc244b7177ffdaafef4d0aa1e0
Fixed
bdbf027a4504b4a86740de6beb6d18a957331839
Fixed
3aea268b6d5cde3b087df9eeecc3bc620aa09513
Fixed
429d05565eb19ee545d8a8395991372adbe4daf3
Fixed
4b56770d345524fc2acc143a2b85539cf7d74bc1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31739.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.10.0
Fixed
6.12.81
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.22
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.12

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31739.json"