CVE-2026-23344 in Linux Kernel
Summary
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sev_tsm_init_locked(), the code dereferences 't' after it has been freed with kfree(). The pr_err() statement attempts to access t->tio_en and t->tio_init_done after the memory has been released. Move the pr_err() call before kfree(t) to access the fields while the memory is still valid. This issue reported by Smatch static analyser
Responsible
Linux
Reservation
01/13/2026
Disclosure
03/25/2026
Entries
| ID | Vulnerability | CWE | Base | Temp | 0day | Today | Exp | KEV | EPSS | CTI | Cou | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 353088 | Linux Kernel crypto sev_tsm_init_locked use after free | 416 | 8.0 | 7.6 | $5k-$25k | $0-$5k | Not defined | 0.00018 | 1.26 | Official fix | CVE-2026-23344 |