A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 5.15 (excluding) |
Linux_kernel | Linux | 5.15 (including) | 5.15 (including) |
Linux_kernel | Linux | 5.15-rc1 (including) | 5.15-rc1 (including) |
Linux_kernel | Linux | 5.15-rc2 (including) | 5.15-rc2 (including) |
Linux_kernel | Linux | 5.15-rc3 (including) | 5.15-rc3 (including) |