Message-ID: <2024122832-CVE-2024-56681-d0c0@gregkh>
Date: Sat, 28 Dec 2024 10:45:33 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-56681: crypto: bcm - add error check in the ahash_hmac_init function

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

crypto: bcm - add error check in the ahash_hmac_init function

The ahash_init functions may fail. The ahash_hmac_init function should
not return OK when ahash_init returns an error. For example, ahash_init
will return -ENOMEM when memory allocation fails.

The Linux kernel CVE team has assigned CVE-2024-56681 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 4.19.325 with commit 8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.4.287 with commit 75e1e38e5d80d6d9011b7322698ffba3dd3db30a
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.10.231 with commit 28f8ffa945f7d7150463e15097ea73b19529d6f5
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.15.174 with commit 4ea3e3b761e371102bb1486778e2f8dbc9e37413
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.1.120 with commit 05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.6.64 with commit ae5253313e0ea5f00c06176074592b7f493c8546
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.11.11 with commit ee36db8e8203420e6d5c42eb9428920c2fc36532
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.12.2 with commit bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.13-rc1 with commit 19630cf57233e845b6ac57c9c969a4888925467b

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-56681
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/crypto/bcm/cipher.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
	https://git.kernel.org/stable/c/75e1e38e5d80d6d9011b7322698ffba3dd3db30a
	https://git.kernel.org/stable/c/28f8ffa945f7d7150463e15097ea73b19529d6f5
	https://git.kernel.org/stable/c/4ea3e3b761e371102bb1486778e2f8dbc9e37413
	https://git.kernel.org/stable/c/05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
	https://git.kernel.org/stable/c/ae5253313e0ea5f00c06176074592b7f493c8546
	https://git.kernel.org/stable/c/ee36db8e8203420e6d5c42eb9428920c2fc36532
	https://git.kernel.org/stable/c/bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
	https://git.kernel.org/stable/c/19630cf57233e845b6ac57c9c969a4888925467b
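
Added example (not part of the original announcement or of the kernel sources): a Python check of an upstream kernel release string against the introduced and fixed versions listed above. It assumes kernel.org version numbering, so a distribution kernel that backports the fix under its own version string will not be recognised; the names classify, FIXED, INTRODUCED and MAINLINE_FIX are hypothetical.

```python
import re

# Fixed stable releases per branch, copied from "Affected and fixed versions".
FIXED = {(4, 19): 325, (5, 4): 287, (5, 10): 231, (5, 15): 174,
         (6, 1): 120, (6, 6): 64, (6, 11): 11, (6, 12): 2}
INTRODUCED = (4, 11)    # issue introduced in 4.11
MAINLINE_FIX = (6, 13)  # fixed in 6.13-rc1, so all 6.13+ releases carry it


def classify(release):
    """Return (status, note) for an upstream-style release such as `uname -r`.

    status is one of "not-affected", "affected" or "fixed".
    Assumption: the string starts with MAJOR.MINOR[.PATCH] as on kernel.org.
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError("unrecognised kernel release: %r" % release)
    branch = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)

    if branch < INTRODUCED:
        return ("not-affected", "predates 4.11, where the issue was introduced")
    if branch >= MAINLINE_FIX:
        return ("fixed", "contains the mainline fix from 6.13-rc1")
    if branch in FIXED:
        fixed_in = "%d.%d.%d" % (branch[0], branch[1], FIXED[branch])
        if patch >= FIXED[branch]:
            return ("fixed", "at or after " + fixed_in)
        return ("affected", "update to " + fixed_in + " or later")
    # Branches between 4.11 and 6.13 that the announcement lists no fix for.
    return ("affected", "no fixed release listed for this branch")


if __name__ == "__main__":
    import platform
    rel = platform.release()
    print(rel, *classify(rel))
```

The result only covers the version ranges; the affected code is in drivers/crypto/bcm/cipher.c, so a kernel built without that driver does not contain it regardless of version.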
