CVE-2026-23344 in Linux Kernel
要約 (英語)
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sev_tsm_init_locked(), the code dereferences 't' after it has been freed with kfree(). The pr_err() statement attempts to access t->tio_en and t->tio_init_done after the memory has been released. Move the pr_err() call before kfree(t) to access the fields while the memory is still valid. This issue reported by Smatch static analyser
責任者
Linux
予約する
2026年01月13日
公開
2026年03月25日
エントリ
VulDB provides additional information and datapoints for this CVE:
| 識別子 | 脆弱性 | CWE | 悪用可 | 対策 | CVE |
|---|---|---|---|---|---|
| 353088 | Linux Kernel crypto sev_tsm_init_locked メモリ破損 | 416 | 未定義 | 公式な修正 | CVE-2026-23344 |