CVE-2026-46291: Linux Kernel CAAM HMAC Key Leakage via Debug Output
A flaw in the Linux kernel's cryptographic subsystem can expose sensitive HMAC key material through debug output when certain debugging configurations are enabled. The vulnerability exists in the hash_digest_key function of the CAAM (Cryptographic Acceleration and Assurance Module) driver, which was inadvertently dumping key bytes in plaintext during kernel logging. An attacker with local access could potentially read these keys from kernel logs or memory if dynamic debugging is active, compromising cryptographic operations that depend on key secrecy.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 5.5 MEDIUM · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Weaknesses (CWE)
- —
- Affected products
- 1 configuration(s)
- Published / Modified
- 2026-06-08 / 2026-07-08
NVD description (verbatim)
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hash_digest_key Use print_hex_dump_devel() for dumping sensitive HMAC key bytes in hash_digest_key() to avoid leaking secrets at runtime when CONFIG_DYNAMIC_DEBUG is enabled.
8 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The Linux kernel's CAAM crypto driver contained a logic flaw in the hash_digest_key() function where HMAC key material was being logged using standard hex dump routines without conditional guards. When CONFIG_DYNAMIC_DEBUG is enabled, these dumps could expose full key material to kernel logs accessible to unprivileged local users. The fix involves replacing the unrestricted hex dump call with print_hex_dump_devel(), which respects dynamic debug filters and only outputs key material when explicitly requested via dynamic debugging controls, preventing unintended secret leakage at runtime.
Business impact
Organizations running Linux systems with CONFIG_DYNAMIC_DEBUG enabled face potential exposure of HMAC keys used in cryptographic authentication and integrity operations. This could allow attackers with local access to extract keys and forge or modify authenticated messages, undermining the integrity guarantees of systems relying on CAAM-accelerated HMAC operations. The risk is amplified in multi-tenant or shared-kernel environments where attackers gain low-privilege access.
Affected systems
The vulnerability affects Linux kernel implementations that include the CAAM cryptographic driver and are compiled with CONFIG_DYNAMIC_DEBUG enabled. This includes ARM-based systems with CAAM acceleration (common in embedded and IoT devices) and systems where dynamic debugging has been compiled in for development or troubleshooting purposes. The issue does not affect systems where CONFIG_DYNAMIC_DEBUG is disabled or systems not using the CAAM driver.
Exploitability
Exploitation requires local access to the affected system with sufficient privileges to read kernel logs or use dynamic debug controls. The attack surface is limited to users with local login capability or those who can trigger dynamic debug output through sysfs interfaces. Remote exploitation is not feasible. However, in development or staging environments where debug configs are common, the barrier to exploitation is low.
Remediation
Update to a Linux kernel version that includes the fix implementing print_hex_dump_devel() for HMAC key output in hash_digest_key(). Alternatively, disable CONFIG_DYNAMIC_DEBUG at kernel compile time if dynamic debugging is not operationally necessary. Organizations should audit kernel configurations in production systems and remove debug compilation flags unless explicitly required for troubleshooting.
Patch guidance
Verify the specific kernel version your distribution has patched by checking vendor security advisories and release notes. Apply the latest stable kernel update for your distribution (verify against your Linux vendor's CVE advisory pages). If immediate patching is not feasible, mitigate by disabling CONFIG_DYNAMIC_DEBUG and restricting local access to unprivileged user accounts.
Detection guidance
Monitor kernel logs for hex dumps containing key-like patterns, particularly in CAAM-related messages. Check kernel build configurations using 'cat /boot/config-$(uname -r) | grep CONFIG_DYNAMIC_DEBUG' to identify affected systems. Enable security monitoring on /sys/kernel/debug access to detect attempts to trigger debug output. Review system access logs for unauthorized local user activity that could have resulted in log inspection.
Why prioritize this
While the CVSS score is MEDIUM (5.5), the actual risk depends heavily on operational environment. Systems with debug configs enabled warrant immediate patching; production systems with CONFIG_DYNAMIC_DEBUG disabled face minimal risk. Prioritize patching in environments where: (1) local user access exists, (2) CAAM crypto is actively used, and (3) debug configurations are enabled. Defer for systems with hardened configs and restricted local access.
Risk score, explained
The CVSS 3.1 score of 5.5 reflects the local-only attack vector, low complexity, and requirement for local privilege escalation context. The vulnerability does not directly crash systems (no availability impact in most scenarios) but enables confidentiality compromise of cryptographic material under specific configuration conditions. The score appropriately captures a moderate risk suitable for standard remediation cycles rather than emergency patching, though context-dependent severity should drive actual prioritization.
Frequently asked questions
Do I need to patch if CONFIG_DYNAMIC_DEBUG is disabled in my kernel?
No. The vulnerability requires CONFIG_DYNAMIC_DEBUG to be enabled at compile time. If your kernel was compiled without this option, the vulnerable code path is not present. Verify your kernel configuration by running 'cat /boot/config-$(uname -r) | grep CONFIG_DYNAMIC_DEBUG'. A value of '# CONFIG_DYNAMIC_DEBUG is not set' indicates you are not affected.
Does this vulnerability allow remote attackers to steal keys?
No. The vulnerability requires local access to the system. Remote attackers cannot exploit this directly. However, if an attacker first gains local access through another vulnerability, they could then potentially read exposed HMAC keys from kernel logs.
Can disabling dynamic debugging completely mitigate this issue without patching?
Yes, disabling CONFIG_DYNAMIC_DEBUG at compile time eliminates the vulnerability. However, rebuilding the kernel is administratively complex. Applying the upstream patch is the recommended fix. Disabling is suitable as a temporary mitigation if patching is delayed.
Will this vulnerability affect encrypted traffic or connections in progress?
No. The vulnerability exposes stored key material in kernel logs and memory dumps, not live traffic. Existing connections remain protected. However, if an attacker extracts a key, they could forge new authenticated messages or forge authentication for future connections using that key material.
This analysis is based on publicly available vulnerability data as of the publication date. CVSS scores and severity ratings reflect the standard scoring methodology but may not capture organization-specific risk contexts. Verify all patch version numbers and remediation steps against official Linux distribution advisories before deployment. This vulnerability requires CONFIG_DYNAMIC_DEBUG to be enabled; most production systems with hardened configurations are not affected. Security teams should correlate this assessment with their own environmental risk factors, including local access controls and cryptographic usage patterns. Source: NVD (public-domain), retrieved 2026-07-16. Analysis generated by SEC.co (claude-haiku-4-5).
Affected vendors
Related vulnerabilities
- CVE-2025-71313MEDIUMLinux Kernel PCI Endpoint NULL Pointer Dereference
- CVE-2025-71314MEDIUMLinux Panthor GPU Driver Denial of Service via Cache Flush Timeout
- CVE-2025-71315MEDIUMLinux Kernel vkms DRM Vblank Timer Denial of Service
- CVE-2026-10004MEDIUMChrome UI Spoofing Vulnerability – Password Dialog Hijacking
- CVE-2026-10018MEDIUMInteger Overflow in Chrome ANGLE GPU Graphics Layer
- CVE-2026-10912MEDIUMChrome Extension Same-Origin Policy Bypass (CVSS 6.5)
- CVE-2026-10916MEDIUMChrome DevTools UXSS Vulnerability
- CVE-2026-10998MEDIUMChrome Media Out-of-Bounds Memory Read Vulnerability