Description

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix async_disable descriptor leak The disable_async paths of iaa_compress/decompress() don't free idxd descriptors in the async_disable case. Currently this only happens in the testcases where req->dst is set to null. Add a test to free them in those paths.

INFO

Published Date :

2024-05-19T10:10:36.420Z

Last Modified :

2025-05-04T09:08:31.045Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-35926 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-35926.

URL Resource
https://git.kernel.org/stable/c/262534ddc88dfea7474ed18adfecf856e4fbe054 cve-icon cve-icon
https://git.kernel.org/stable/c/d994f7d77aaded05dc05af58a2720fd4f4b72a83 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024051915-CVE-2024-35926-d677@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-35926 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-35926 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact