Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-26824

HistoryApr 17, 2024 - 10:15 a.m.

CVE-2024-26824

2024-04-1710:15:09

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

crypto

vulnerability

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_hash - Remove bogus SGL free on zero-length error path

When a zero-length message is hashed by algif_hash, and an error
is triggered, it tries to free an SG list that was never allocated
in the first place. Fix this by not freeing the SG list on the
zero-length error path.

References

git.kernel.org/stable/c/24c890dd712f6345e382256cae8c97abb0406b70

git.kernel.org/stable/c/775f3c1882a493168e08fdb8cde0865c8f3a8a29

git.kernel.org/stable/c/9c82920359b7c1eddaf72069bcfe0ffddf088cd0