Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2024-41002
HistoryJul 12, 2024 - 1:15 p.m.

CVE-2024-41002

2024-07-1213:15:21
Debian Security Bug Tracker
security-tracker.debian.org
8
linux kernel
crypto
vulnerability
memory leak
hisilicon
sec
resource release
aiv
memory leakage

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

Low

EPSS

0

Percentile

5.0%

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - Fix memory leak for sec resource release The AIV is one of the SEC resources. When releasing resources, it need to release the AIV resources at the same time. Otherwise, memory leakage occurs. The aiv resource release is added to the sec resource release function.

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

Low

EPSS

0

Percentile

5.0%