CVE-2026-23344 in Kernel
요약 (영어)
In the Linux kernel, the following vulnerability has been resolved:
crypto: ccp - Fix use-after-free on error path
In the error path of sev_tsm_init_locked(), the code dereferences 't'
after it has been freed with kfree(). The pr_err() statement attempts
to access t->tio_en and t->tio_init_done after the memory has been
released.
Move the pr_err() call before kfree(t) to access the fields while the
memory is still valid.
This issue reported by Smatch static analyser
If you want to get best quality of vulnerability data, you may have to visit VulDB.
책임이 있는
Linux
예약하다
2026. 01. 13.
공개
2026. 03. 25.
상태
확인됨
엔트리
VulDB provides additional information and datapoints for this CVE:
| 아이디 | 취약성 | CWE | 악용 | 대책 | CVE |
|---|---|---|---|---|---|
| 353088 | Linux Kernel crypto sev_tsm_init_locked 메모리 손상 | 416 | 정의되지 않음 | 공식 수정 | CVE-2026-23344 |