CVE-2024-26945

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26945
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26945.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26945
Downstream
Related
Published
2024-05-01T05:18:09Z
Modified
2025-10-16T22:12:12.124360Z
Severity
  • 8.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
crypto: iaa - Fix nr_cpus < nr_iaa case
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: iaa - Fix nrcpus < nriaa case

If nrcpus < nriaa, the calculated cpusperiaa will be 0, which causes a divide-by-0 in rebalancewqtable().

Make sure cpusperiaa is 1 in that case, and also in the nriaa == 0 case, even though cpusperiaa is never used if nriaa == 0, for paranoia.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ea7a5cbb43696cfacf73e61916d1860ac30b5b2f
Fixed
a5ca1be7f9817de4e93085778b3ee2219bdc2664
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ea7a5cbb43696cfacf73e61916d1860ac30b5b2f
Fixed
5a7e89d3315d1be86aff8a8bf849023cda6547f7

Affected versions

v6.*

v6.7
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.3