-
CVE-2026-23044
- EPSS 0.03%
- Veröffentlicht 04.02.2026 16:00:27
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
PM: hibernate: Fix crash when freeing invalid crypto compressor
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When crypto_alloc_acomp() fails, it returns an ERR_PTR value, not NULL. The cleanup code in save_compressed_image() and load_compressed_image() unconditionally calls crypto_free_acomp() without checking for ERR_PTR, which causes crypto_acomp_tfm() to dereference an invalid pointer and crash the kernel. This can be triggered when the compression algorithm is unavailable (e.g., CONFIG_CRYPTO_LZO not enabled). Fix by adding IS_ERR_OR_NULL() checks before calling crypto_free_acomp() and acomp_request_free(), similar to the existing kthread_stop() check. [ rjw: Added 2 empty code lines ]
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
b03d542c3c9569f549b1ba0cf7f4d90151fbf8ab
Version <
b7a883b0135dbc6817e90a829421c9fc8cd94bad
Status
affected
Version
b03d542c3c9569f549b1ba0cf7f4d90151fbf8ab
Version <
7966cf0ebe32c981bfa3db252cb5fc3bb1bf2e77
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.15
Status
affected
Version
0
Version <
6.15
Status
unaffected
Version <=
6.18.*
Version
6.18.6
Status
unaffected
Version <=
*
Version
6.19
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.077 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|