crypto: ccree - fix a memory leak in cc_mac_digest()

...

CVE-2026-45986

A flaw was found in the Linux kernel's cryptographic module, specifically within the ccmacdigest function of the ccree component. This vulnerability is a memory leak that occurs when a specific mapping operation fails to release allocated memory. Over time, this unreleased memory could lead to a...

UBUNTU-CVE-2026-45986

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - fix a memory leak in ccmacdigest Add ccunmapresult if ccmaphashrequestfinal fails to prevent potential memory leak...

CVE-2026-45986

The CVE-2026-45986 issue affects the Linux kernel crypto/ccree path, specifically a memory leak in cc_mac_digest. The root cause is a path where cc_map_hash_request_final() failures could leave memory unreleased; the fix adds cc_unmap_result() to prevent leaks. The vulnerability is locally exploi...

CVE-2026-45986 crypto: ccree - fix a memory leak in cc_mac_digest()

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - fix a memory leak in ccmacdigest Add ccunmapresult if ccmaphashrequestfinal fails to prevent potential memory leak...

CVE-2026-45986

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - fix a memory leak in ccmacdigest Add ccunmapresult if ccmaphashrequestfinal fails to prevent potential memory leak...

Linux Distros Unpatched Vulnerability : CVE-2026-45986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccree - fix a memory leak in ccmacdigest Add ccunmapresult if ccmaphashrequestfinal fails to prevent potential memory leak. CVE-2026-45986 Note that...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree – Fixed the use of ctxp-user.key after it is freed in cccipherexit. kfreesensitivectxp-user.key will free ctxp-user.key. However, ctxp-userkey is still used in the next line, which will lead to a use after free. We...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989565)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989565 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986892)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986892 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the...

UBUNTU-CVE-2022-49258

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the ctxp-user.key. But ctxp-user.key is still used in the next line, which will lead to a use after free. We can call kfreesensitive after...

CVE-2022-49258 crypto: ccree - Fix use after free in cc_cipher_exit()

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cccipherexit kfreesensitivectxp-user.key will free the ctxp-user.key. But ctxp-user.key is still used in the next line, which will lead to a use after free. We can call kfreesensitive after...

GSD-2023-1000698 crypto: ccree - Remove debugfs when platform_driver_register failed

crypto: ccree - Remove debugfs when platformdriverregister failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2022-1001581 crypto: ccree - Fix use after free in cc_cipher_exit()

crypto: ccree - Fix use after free in cccipherexit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

GSD-2022-1001275 crypto: ccree - Fix use after free in cc_cipher_exit()

crypto: ccree - Fix use after free in cccipherexit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...