CVE-2026-43493
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk42th percentile — higher than 42% of all known CVEs
Summary
In the Linux kernel, a vulnerability was found in the pcrypt module that incorrectly handles MAY_BACKLOG requests. These requests can return EBUSY, which requires proper checking and filtering of EINPROGRESS notifications.
Risk Assessment
Improper handling of MAY_BACKLOG requests may lead to unexpected behavior of the cryptographic system, potentially causing errors in applications using encryption.
Recommendation
It is recommended to immediately update the Linux kernel to a version containing the fix for CVE-2026-43493. Monitor official security advisories from your Linux distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can return EBUSY. Handle them by checking for that value and filtering out EINPROGRESS notifications.

