CVE-2026-23044

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> PM: hibernate: Fix crash when freeing invalid crypto compressor<br /> <br /> When crypto_alloc_acomp() fails, it returns an ERR_PTR value, not NULL.<br /> <br /> The cleanup code in save_compressed_image() and load_compressed_image()<br /> unconditionally calls crypto_free_acomp() without checking for ERR_PTR,<br /> which causes crypto_acomp_tfm() to dereference an invalid pointer and<br /> crash the kernel.<br /> <br /> This can be triggered when the compression algorithm is unavailable<br /> (e.g., CONFIG_CRYPTO_LZO not enabled).<br /> <br /> Fix by adding IS_ERR_OR_NULL() checks before calling crypto_free_acomp()<br /> and acomp_request_free(), similar to the existing kthread_stop() check.<br /> <br /> [ rjw: Added 2 empty code lines ]