Use After Free in Cryptodev-linux

CVE-2026-28529

cryptodev-linux version 1.14 and prior contain a page reference handling flaw in the get_userbuf function of the /dev/crypto device driver that allows local users to trigger use-after-free conditions. Attackers with access to the /dev/cryp…

Vulnerability class: Use-After-Free

EPSS: 0.000 (5.8th percentile) — read the EPSS interpretation.

Affected products

Cryptodev-linux — versions 0

Weakness classification (CWE)

CWE-416 — Use After Free

References

nasm.re/posts/cryptodev-linux-vuln/ (technical-description, exploit)
gist.github.com/n4sm/0fd2479e0c23e0fa2f192cd8fda45750 (exploit)
github.com/cryptodev-linux/cryptodev-linux/pull/104 (patch)
www.vulncheck.com/advisories/cryptodev-linux-get-userbuf-use-after-free-lpe (third-party-advisory)