Vulnerabilities > CVE-2024-26824 - Unspecified vulnerability in Linux Kernel

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

NVD

Published: 2024-04-17

Updated: 2025-03-27

Summary

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - Remove bogus SGL free on zero-length error path When a zero-length message is hashed by algif_hash, and an error is triggered, it tries to free an SG list that was never allocated in the first place. Fix this by not freeing the SG list on the zero-length error path.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 6.8 Linux Linux Kernel 6.7 Linux Linux Kernel 6.7.1 Linux Linux Kernel 6.7.2 Linux Linux Kernel 6.7.3 Linux Linux Kernel 6.7.4 Linux Linux Kernel 6.7.5 Linux Linux Kernel 6.7.6 Linux Linux Kernel 6.5 Linux Linux Kernel 6.5.1 Linux Linux Kernel 6.5.2 Linux Linux Kernel 6.5.3 Linux Linux Kernel 6.5.4 Linux Linux Kernel 6.5.5 Linux Linux Kernel 6.5.6 Linux Linux Kernel 6.5.7 Linux Linux Kernel 6.5.8 Linux Linux Kernel 6.5.9 Linux Linux Kernel 6.5.10 Linux Linux Kernel 6.5.11 Linux Linux Kernel 6.5.12 Linux Linux Kernel 6.5.13 Linux Linux Kernel 6.6 Linux Linux Kernel 6.6.1 Linux Linux Kernel 6.6.2 Linux Linux Kernel 6.6.3 Linux Linux Kernel 6.6.4 Linux Linux Kernel 6.6.5 Linux Linux Kernel 6.6.6 Linux Linux Kernel 6.6.7 Linux Linux Kernel 6.6.8 Linux Linux Kernel 6.6.9 Linux Linux Kernel 6.6.10 Linux Linux Kernel 6.6.11 Linux Linux Kernel 6.6.12 Linux Linux Kernel 6.6.13 Linux Linux Kernel 6.6.14 Linux Linux Kernel 6.6.15 Linux Linux Kernel 6.6.16 Linux Linux Kernel 6.6.17	64

Summary

Vulnerable Configurations

References