5.5

CVE-2022-49260

crypto: hisilicon/sec - fix the aead software fallback for engine

In the Linux kernel, the following vulnerability has been resolved:

crypto: hisilicon/sec - fix the aead software fallback for engine

Due to the subreq pointer misuse the private context memory. The aead
soft crypto occasionally casues the OS panic as setting the 64K page.
Here is fix it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.14 < 5.15.33
LinuxLinux Kernel Version >= 5.16 < 5.16.19
LinuxLinux Kernel Version >= 5.17 < 5.17.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.157
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/0a2a464f863187f97e96ebc6384c052cafd4a54c
Patch
https://git.kernel.org/stable/c/40dba7c26e897c637e91312b35f664f1d4d0073c
Patch
https://git.kernel.org/stable/c/5c1149e2abe0b7489300736b8277b45b113de67f
Patch
https://git.kernel.org/stable/c/ef7b10f3cac7810ddcfd976304fd125aca33d144
Patch