CVE-2021-3744 - Linux Linux Kernel, Debian Debian Linux and Fedoraproject Fedora
Moderate 5.5
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
Affected software
Linux Linux Kernel
Debian Debian Linux
Fedoraproject Fedora
Reference links
- https://seclists.org/oss-sec/2021/q3/164
- https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680
- https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0
- https://bugzilla.redhat.com/show_bug.cgi?id=2000627
- https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
- https://www.debian.org/security/2022/dsa-5096