GHSA-835x-cv3m-5wj5
A vulnerability in the Linux kernel's crypto subsystem related to the inside-secure/eip93 driver has been resolved. The issue involves improper unregistration of cryptographic algorithms based on hardware support indicated by the EIP93 options register. Currently, all algorithms are unregistered regardless of hardware support, causing a system panic on platforms lacking full silicon implementation of these options.
AI Analysis
Technical Summary
The Linux kernel vulnerability CVE-2026-45854 affects the inside-secure/eip93 crypto driver. The EIP93 hardware includes an options register that specifies which cryptographic algorithms are implemented in silicon. The kernel registers supported algorithms accordingly but erroneously unregisters all algorithms during cleanup, including those not supported by the hardware. This leads to a kernel panic on systems where not all options are implemented in silicon. The vulnerability impacts system stability rather than confidentiality or integrity.
Potential Impact
The vulnerability causes a denial of service condition by triggering a kernel panic on affected platforms. There is no impact on confidentiality or integrity of data. The issue affects system availability due to improper handling of cryptographic algorithm unregistration in the kernel driver.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since this is a Linux kernel vulnerability, monitor official Linux kernel releases and security advisories for patches addressing CVE-2026-45854. Apply updates from the kernel maintainers once available to prevent system panics related to this issue.
GHSA-835x-cv3m-5wj5
Description
A vulnerability in the Linux kernel's crypto subsystem related to the inside-secure/eip93 driver has been resolved. The issue involves improper unregistration of cryptographic algorithms based on hardware support indicated by the EIP93 options register. Currently, all algorithms are unregistered regardless of hardware support, causing a system panic on platforms lacking full silicon implementation of these options.
CVSS v3.1
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Linux kernel vulnerability CVE-2026-45854 affects the inside-secure/eip93 crypto driver. The EIP93 hardware includes an options register that specifies which cryptographic algorithms are implemented in silicon. The kernel registers supported algorithms accordingly but erroneously unregisters all algorithms during cleanup, including those not supported by the hardware. This leads to a kernel panic on systems where not all options are implemented in silicon. The vulnerability impacts system stability rather than confidentiality or integrity.
Potential Impact
The vulnerability causes a denial of service condition by triggering a kernel panic on affected platforms. There is no impact on confidentiality or integrity of data. The issue affects system availability due to improper handling of cryptographic algorithm unregistration in the kernel driver.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since this is a Linux kernel vulnerability, monitor official Linux kernel releases and security advisories for patches addressing CVE-2026-45854. Apply updates from the kernel maintainers once available to prevent system panics related to this issue.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- GHSA-835x-cv3m-5wj5
- Osv Schema Version
- 1.4.0
- Aliases
- ["CVE-2026-45854"]
- Ecosystems
- []
- Database Specific Severity
- MODERATE
- Cvss Version
- 3.1
Threat ID: 6a3ef7f327e9c79719036e9e
Added to database: 06/26/2026, 22:06:43 UTC
Last enriched: 06/26/2026, 22:52:19 UTC
Last updated: 06/26/2026, 23:11:17 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.