5.5

CVE-2026-45986

crypto: ccree - fix a memory leak in cc_mac_digest()

In the Linux kernel, the following vulnerability has been resolved:

crypto: ccree - fix a memory leak in cc_mac_digest()

Add cc_unmap_result() if cc_map_hash_request_final()
fails to prevent potential memory leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.17 < 5.10.258
LinuxLinux Kernel Version >= 5.11 < 5.15.209
LinuxLinux Kernel Version >= 5.16 < 6.1.175
LinuxLinux Kernel Version >= 6.2 < 6.6.140
LinuxLinux Kernel Version >= 6.7 < 6.12.86
LinuxLinux Kernel Version >= 6.13 < 6.18.27
LinuxLinux Kernel Version >= 6.19 < 7.0.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/3061c9bfb3f5b3522ab174e2fa7473b24422d1c6
Patch
https://git.kernel.org/stable/c/22f1dd4ca3bfe77db52cc7df3cc353dc114aab8b
Patch
https://git.kernel.org/stable/c/910f335786a0a0f0b46c3c8c19a13d25cb4454b6
Patch
https://git.kernel.org/stable/c/502440c235fe34cee02b24d7f893841f7565b3bc
Patch
https://git.kernel.org/stable/c/02c64052fad03699b9c6d1df2f9b444d17e4ac50
Patch
https://git.kernel.org/stable/c/7c21d58fcd6ad8e15a539347254093c93224a8b2
Patch
https://git.kernel.org/stable/c/7cd17993adb8a5d14a7e84d751316a5fdf0c251f
Patch
https://git.kernel.org/stable/c/f53458c7c756b3e0838d51cf1e9f41b25079801a
Patch