cve/published/2024/CVE-2024-56681.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-56681: crypto: bcm - add error check in the ahash_hmac_init function

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 crypto: bcm - add error check in the ahash_hmac_init function

 The ahash_init functions may return fails. The ahash_hmac_init should
 not return ok when ahash_init returns error. For an example, ahash_init
 will return -ENOMEM when allocation memory is error.

 The Linux kernel CVE team has assigned CVE-2024-56681 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 4.19.325 with commit 8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.4.287 with commit 75e1e38e5d80d6d9011b7322698ffba3dd3db30a
 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.10.231 with commit 28f8ffa945f7d7150463e15097ea73b19529d6f5
 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.15.174 with commit 4ea3e3b761e371102bb1486778e2f8dbc9e37413
 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.1.120 with commit 05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.6.64 with commit ae5253313e0ea5f00c06176074592b7f493c8546
 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.11.11 with commit ee36db8e8203420e6d5c42eb9428920c2fc36532
 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.12.2 with commit bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
 	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.13 with commit 19630cf57233e845b6ac57c9c969a4888925467b

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-56681
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/crypto/bcm/cipher.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
 	https://git.kernel.org/stable/c/75e1e38e5d80d6d9011b7322698ffba3dd3db30a
 	https://git.kernel.org/stable/c/28f8ffa945f7d7150463e15097ea73b19529d6f5
 	https://git.kernel.org/stable/c/4ea3e3b761e371102bb1486778e2f8dbc9e37413
 	https://git.kernel.org/stable/c/05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
 	https://git.kernel.org/stable/c/ae5253313e0ea5f00c06176074592b7f493c8546
 	https://git.kernel.org/stable/c/ee36db8e8203420e6d5c42eb9428920c2fc36532
 	https://git.kernel.org/stable/c/bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
 	https://git.kernel.org/stable/c/19630cf57233e845b6ac57c9c969a4888925467b
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-56681: crypto: bcm - add error check in the ahash_hmac_init function

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	crypto: bcm - add error check in the ahash_hmac_init function

	The ahash_init functions may return fails. The ahash_hmac_init should
	not return ok when ahash_init returns error. For an example, ahash_init
	will return -ENOMEM when allocation memory is error.

	The Linux kernel CVE team has assigned CVE-2024-56681 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 4.19.325 with commit 8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.4.287 with commit 75e1e38e5d80d6d9011b7322698ffba3dd3db30a
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.10.231 with commit 28f8ffa945f7d7150463e15097ea73b19529d6f5
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 5.15.174 with commit 4ea3e3b761e371102bb1486778e2f8dbc9e37413
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.1.120 with commit 05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.6.64 with commit ae5253313e0ea5f00c06176074592b7f493c8546
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.11.11 with commit ee36db8e8203420e6d5c42eb9428920c2fc36532
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.12.2 with commit bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
	Issue introduced in 4.11 with commit 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 and fixed in 6.13 with commit 19630cf57233e845b6ac57c9c969a4888925467b

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-56681
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/crypto/bcm/cipher.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
	https://git.kernel.org/stable/c/75e1e38e5d80d6d9011b7322698ffba3dd3db30a
	https://git.kernel.org/stable/c/28f8ffa945f7d7150463e15097ea73b19529d6f5
	https://git.kernel.org/stable/c/4ea3e3b761e371102bb1486778e2f8dbc9e37413
	https://git.kernel.org/stable/c/05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
	https://git.kernel.org/stable/c/ae5253313e0ea5f00c06176074592b7f493c8546
	https://git.kernel.org/stable/c/ee36db8e8203420e6d5c42eb9428920c2fc36532
	https://git.kernel.org/stable/c/bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
	https://git.kernel.org/stable/c/19630cf57233e845b6ac57c9c969a4888925467b