A memory leak flaw was found in the Linux kernels ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 5.14.20 (including) |
Linux_kernel | Linux | 5.15 (including) | 5.15 (including) |
Linux_kernel | Linux | 5.15-rc1 (including) | 5.15-rc1 (including) |
Linux_kernel | Linux | 5.15-rc2 (including) | 5.15-rc2 (including) |
Linux_kernel | Linux | 5.15-rc3 (including) | 5.15-rc3 (including) |