CVE-2026-46291 PUBLISHED

crypto: caam - guard HMAC key hex dumps in hash_digest_key

Assigner: Linux
Reserved: 13.05.2026 Published: 08.06.2026 Updated: 19.06.2026

In the Linux kernel, the following vulnerability has been resolved:

crypto: caam - guard HMAC key hex dumps in hash_digest_key

Use print_hex_dump_devel() for dumping sensitive HMAC key bytes in hash_digest_key() to avoid leaking secrets at runtime when CONFIG_DYNAMIC_DEBUG is enabled.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 045e36780f11523e26d1e4a8c78bdc57f4003bd0 to e8e72fdf47bd5ef7abe642b034c6178a61a8580a (excl.)
  • affected from 045e36780f11523e26d1e4a8c78bdc57f4003bd0 to cd849c07b8d706425e60a4dfcef54b7b67c967ce (excl.)
  • affected from 045e36780f11523e26d1e4a8c78bdc57f4003bd0 to a9207798fe619cbc85c8744a9b9e2af1db2b6e1a (excl.)
  • affected from 045e36780f11523e26d1e4a8c78bdc57f4003bd0 to 2adbfca7452eeac45117b8e803288a2767f7075f (excl.)
  • affected from 045e36780f11523e26d1e4a8c78bdc57f4003bd0 to c7e52fe3f7901ccb9cd29b3f7c683d809ba87e48 (excl.)
  • affected from 045e36780f11523e26d1e4a8c78bdc57f4003bd0 to 5cffe3c136891aa4d579bf5c079a68f7cb371b0c (excl.)
  • affected from 045e36780f11523e26d1e4a8c78bdc57f4003bd0 to b8f12d9b00c1950779e5679b9c13908584682bb6 (excl.)
  • affected from 045e36780f11523e26d1e4a8c78bdc57f4003bd0 to 177730a273b18e195263ed953853273e901b5064 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 3.6 is affected
  • unaffected from 0 to 3.6 (excl.)
  • unaffected from 5.10.259 to 5.10.* (incl.)
  • unaffected from 5.15.210 to 5.15.* (incl.)
  • unaffected from 6.1.176 to 6.1.* (incl.)
  • unaffected from 6.6.140 to 6.6.* (incl.)
  • unaffected from 6.12.88 to 6.12.* (incl.)
  • unaffected from 6.18.30 to 6.18.* (incl.)
  • unaffected from 7.0.7 to 7.0.* (incl.)
  • unaffected from 7.1 to * (incl.)

References