CVE-2024-26945

Summary

In the Linux kernel, the following vulnerability has been resolved:

crypto: iaa - Fix nr_cpus < nr_iaa case

If nr_cpus < nr_iaa, the calculated cpus_per_iaa will be 0, which causes a divide-by-0 in rebalance_wq_table().

Make sure cpus_per_iaa is 1 in that case, and also in the nr_iaa == 0 case, even though cpus_per_iaa is never used if nr_iaa == 0, for paranoia.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxea7a5cbb43696cfacf73e61916d1860ac30b5b2f < a5ca1be7f9817de4e93085778b3ee2219bdc2664affected
LinuxLinuxea7a5cbb43696cfacf73e61916d1860ac30b5b2f < 5a7e89d3315d1be86aff8a8bf849023cda6547f7affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.8.3 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References