CVE-2024-35926

May 19, 2024, 11:15 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix async_disable descriptor leak The disable_async paths of iaa_compress/decompress() don't free idxd descriptors in the async_disable case. Currently this only happens in the testcases where req->dst is set to null. Add a test to free them in those paths.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/262534ddc88dfea7474ed18adfecf856e4fbe054
https://git.kernel.org/stable/c/d994f7d77aaded05dc05af58a2720fd4f4b72a83

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-19
CVE-2024-35926

Timeline

Published: May 19, 2024, 11:15 a.m.
Last Modified: May 19, 2024, 11:15 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.