CVE-2024-35926
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
crypto: iaa - Fix async_disable descriptor leak
The disable_async paths of iaa_compress/decompress() don't free idxd descriptors in the async_disable case. Currently this only happens in the testcases where req->dst is set to null. Add a test to free them in those paths.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ea7a5cbb43696cfacf73e61916d1860ac30b5b2f < d994f7d77aaded05dc05af58a2720fd4f4b72a83 | affected |
| Linux | Linux | ea7a5cbb43696cfacf73e61916d1860ac30b5b2f < 262534ddc88dfea7474ed18adfecf856e4fbe054 | affected |
| Linux | Linux | 6.8 | affected |
| Linux | Linux | 0 < 6.8 | unaffected |
| Linux | Linux | 6.8.6 <= 6.8.* | unaffected |
| Linux | Linux | 6.9 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/d994f7d77aaded05dc05af58a2720fd4f4b72a83
- https://git.kernel.org/stable/c/262534ddc88dfea7474ed18adfecf856e4fbe054
References
- https://git.kernel.org/stable/c/d994f7d77aaded05dc05af58a2720fd4f4b72a83
- https://git.kernel.org/stable/c/262534ddc88dfea7474ed18adfecf856e4fbe054
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.