CVE-2024-41002
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/07/2024
Last modified:
03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
crypto: hisilicon/sec - Fix memory leak for sec resource release<br />
<br />
The AIV is one of the SEC resources. When releasing resources,<br />
it need to release the AIV resources at the same time.<br />
Otherwise, memory leakage occurs.<br />
<br />
The aiv resource release is added to the sec resource release<br />
function.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.15.162 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.96 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.36 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.9.7 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47
- https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6
- https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601
- https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2
- https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094
- https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47
- https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6
- https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601
- https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2
- https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html