← Volver a CVEs
CVE-2024-41002
MEDIUM5.5
Descripcion
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - Fix memory leak for sec resource release The AIV is one of the SEC resources. When releasing resources, it need to release the AIV resources at the same time. Otherwise, memory leakage occurs. The aiv resource release is added to the sec resource release function.
Detalles CVE
Puntuacion CVSS v3.15.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado7/12/2024
Ultima modificacion11/3/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
linux:linux_kernel
Debilidades (CWE)
CWE-401
Referencias
https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2(af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.