CVE-2024-35926

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-35926
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35926.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-35926
Downstream
Related
Published
2024-05-19T10:10:36Z
Modified
2025-10-17T03:46:29.876931Z
Summary
crypto: iaa - Fix async_disable descriptor leak
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: iaa - Fix async_disable descriptor leak

The disableasync paths of iaacompress/decompress() don't free idxd descriptors in the async_disable case. Currently this only happens in the testcases where req->dst is set to null. Add a test to free them in those paths.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ea7a5cbb43696cfacf73e61916d1860ac30b5b2f
Fixed
d994f7d77aaded05dc05af58a2720fd4f4b72a83
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ea7a5cbb43696cfacf73e61916d1860ac30b5b2f
Fixed
262534ddc88dfea7474ed18adfecf856e4fbe054

Affected versions

v6.*

v6.7
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@262534ddc88dfea7474ed18adfecf856e4fbe054",
        "target": {
            "function": "iaa_decompress",
            "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "id": "CVE-2024-35926-36507a89",
        "digest": {
            "function_hash": "224008148662212040132294594822437717983",
            "length": 3008.0
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d994f7d77aaded05dc05af58a2720fd4f4b72a83",
        "target": {
            "function": "iaa_compress",
            "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "id": "CVE-2024-35926-42fb370b",
        "digest": {
            "function_hash": "165357669445904613551175491228518026399",
            "length": 2731.0
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@262534ddc88dfea7474ed18adfecf856e4fbe054",
        "target": {
            "function": "iaa_compress",
            "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "id": "CVE-2024-35926-734b1b30",
        "digest": {
            "function_hash": "165357669445904613551175491228518026399",
            "length": 2731.0
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@262534ddc88dfea7474ed18adfecf856e4fbe054",
        "target": {
            "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "id": "CVE-2024-35926-c969128b",
        "digest": {
            "line_hashes": [
                "273826982795731415108231872098965062874",
                "91158352061584440978619192835573803331",
                "20432001498591173438725298175669253729",
                "137356277882868017069732796692982161113",
                "324127261363641377750974472437349968860",
                "240533923082895110888640054515365224635",
                "319115786350082202710546454001935247295",
                "289885073847295595385508646085381596851"
            ],
            "threshold": 0.9
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d994f7d77aaded05dc05af58a2720fd4f4b72a83",
        "target": {
            "function": "iaa_decompress",
            "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "id": "CVE-2024-35926-d3a44507",
        "digest": {
            "function_hash": "224008148662212040132294594822437717983",
            "length": 3008.0
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d994f7d77aaded05dc05af58a2720fd4f4b72a83",
        "target": {
            "file": "drivers/crypto/intel/iaa/iaa_crypto_main.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "id": "CVE-2024-35926-d3d8fd23",
        "digest": {
            "line_hashes": [
                "273826982795731415108231872098965062874",
                "91158352061584440978619192835573803331",
                "20432001498591173438725298175669253729",
                "137356277882868017069732796692982161113",
                "324127261363641377750974472437349968860",
                "240533923082895110888640054515365224635",
                "319115786350082202710546454001935247295",
                "289885073847295595385508646085381596851"
            ],
            "threshold": 0.9
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.6