CVE-2024-35926

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-35926
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35926.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-35926
Downstream
Related
Published
2024-05-19T10:10:36Z
Modified
2025-10-15T10:24:09.197946Z
Summary
crypto: iaa - Fix async_disable descriptor leak
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: iaa - Fix async_disable descriptor leak

The disableasync paths of iaacompress/decompress() don't free idxd descriptors in the async_disable case. Currently this only happens in the testcases where req->dst is set to null. Add a test to free them in those paths.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ea7a5cbb43696cfacf73e61916d1860ac30b5b2f
Fixed
d994f7d77aaded05dc05af58a2720fd4f4b72a83
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ea7a5cbb43696cfacf73e61916d1860ac30b5b2f
Fixed
262534ddc88dfea7474ed18adfecf856e4fbe054

Affected versions

v6.*

v6.7
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5

Database specific 

{
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c",
                "function": "iaa_decompress"
            },
            "deprecated": false,
            "digest": {
                "length": 3008.0,
                "function_hash": "224008148662212040132294594822437717983"
            },
            "id": "CVE-2024-35926-36507a89",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@262534ddc88dfea7474ed18adfecf856e4fbe054"
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c",
                "function": "iaa_compress"
            },
            "deprecated": false,
            "digest": {
                "length": 2731.0,
                "function_hash": "165357669445904613551175491228518026399"
            },
            "id": "CVE-2024-35926-42fb370b",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d994f7d77aaded05dc05af58a2720fd4f4b72a83"
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c",
                "function": "iaa_compress"
            },
            "deprecated": false,
            "digest": {
                "length": 2731.0,
                "function_hash": "165357669445904613551175491228518026399"
            },
            "id": "CVE-2024-35926-734b1b30",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@262534ddc88dfea7474ed18adfecf856e4fbe054"
        },
        {
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "273826982795731415108231872098965062874",
                    "91158352061584440978619192835573803331",
                    "20432001498591173438725298175669253729",
                    "137356277882868017069732796692982161113",
                    "324127261363641377750974472437349968860",
                    "240533923082895110888640054515365224635",
                    "319115786350082202710546454001935247295",
                    "289885073847295595385508646085381596851"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2024-35926-c969128b",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@262534ddc88dfea7474ed18adfecf856e4fbe054"
        },
        {
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c",
                "function": "iaa_decompress"
            },
            "deprecated": false,
            "digest": {
                "length": 3008.0,
                "function_hash": "224008148662212040132294594822437717983"
            },
            "id": "CVE-2024-35926-d3a44507",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d994f7d77aaded05dc05af58a2720fd4f4b72a83"
        },
        {
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "273826982795731415108231872098965062874",
                    "91158352061584440978619192835573803331",
                    "20432001498591173438725298175669253729",
                    "137356277882868017069732796692982161113",
                    "324127261363641377750974472437349968860",
                    "240533923082895110888640054515365224635",
                    "319115786350082202710546454001935247295",
                    "289885073847295595385508646085381596851"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2024-35926-d3d8fd23",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d994f7d77aaded05dc05af58a2720fd4f4b72a83"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.6