QwikSec

Security Database

CVE

CWE

Training

CVE-2021-3744

Published: Mar 4, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.

Vendor	Product	Versions
n/a	kernel	affected `Fixed in v5.15-rc4 and above.`

Weaknesses (CWE)

References

[oss-security] 20210914 Disclosure: CVE-2021-3744: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()

mailing-list

x_refsource_MLIST

FEDORA-2021-79cbbefebe

vendor-advisory

x_refsource_FEDORA

FEDORA-2021-ffda3d6fa1

vendor-advisory

x_refsource_FEDORA

FEDORA-2021-9dd76a1ed0

vendor-advisory

x_refsource_FEDORA

https://bugzilla.redhat.com/show_bug.cgi?id=2000627

x_refsource_MISC

https://seclists.org/oss-sec/2021/q3/164

x_refsource_MISC

https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0

x_refsource_MISC

https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680

x_refsource_MISC

[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.