crypto: hisilicon/sec2 – prevent req used-after-free for sec_CVE-2026-53055

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: hisilicon/sec2 - prevent req used-after-free for sec

During packet transmission, if the system is under heavy load,
the hardware might complete processing the packet and free the
request memory (req) before the transmission function finishes.
If the software subsequently accesses this req, a use-after-free
error will occur. The qp_ctx memory exists throughout the packet
sending process, so replace the req with the qp_ctx.

Basic Information

ID CVE-2026-53055

Source Linux

Published Jun 24, 2026 at 16:30

Modified Jun 28, 2026 at 06:38

Affected Product

Vendor Linux

Product Linux

Version f0ae287c50455f7be0d8dd45a803d403c7aa4d2e

Affected Versions Linux Linux f0ae287c50455f7be0d8dd45a803d403c7aa4d2e
Linux Linux f0ae287c50455f7be0d8dd45a803d403c7aa4d2e
Linux Linux f0ae287c50455f7be0d8dd45a803d403c7aa4d2e
Linux Linux 6.17

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/sec2 - prevent req used-after-free for sec\n\nDuring packet transmission, if the system is under heavy load,\nthe hardware might complete processing the packet and free the\nrequest memory (req) before the transmission function finishes.\nIf the software subsequently accesses this req, a use-after-free\nerror will occur. The qp_ctx memory exists throughout the packet\nsending process, so replace the req with the qp_ctx.",
    "published": "2026-06-24T16:30:00.876Z",
    "modified": "2026-06-28T06:38:47.302Z",
    "type": "cve",
    "title": "crypto: hisilicon/sec2 - prevent req used-after-free for sec",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/b375c3c7209cc59e40e97998aa9bc768369cca0e\nhttps://git.kernel.org/stable/c/ad73563f3a1edbfddf2724136c6a15826b354e18\nhttps://git.kernel.org/stable/c/67b53a660e6bf0da2fa8d8872e897a14d8059eaf",
    "id": "CVE-2026-53055",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux f0ae287c50455f7be0d8dd45a803d403c7aa4d2e\nLinux Linux f0ae287c50455f7be0d8dd45a803d403c7aa4d2e\nLinux Linux f0ae287c50455f7be0d8dd45a803d403c7aa4d2e\nLinux Linux 6.17",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "f0ae287c50455f7be0d8dd45a803d403c7aa4d2e",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply