CVE-2024-56681

crypto: bcm - add error check in the ahash_hmac_init function

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

crypto: bcm - add error check in the ahash_hmac_init function

The ahash_init functions may return fails. The ahash_hmac_init should
not return ok when ahash_init returns error. For an example, ahash_init
will return -ENOMEM when allocation memory is error.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-27 CVE Reserved
2024-12-28 CVE Published
2024-12-28 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/9d12ba86f818aa9cfe9f01b750336aa441f2ffa2	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/8f1a9a960b1107bd0e0ec3736055f5ed0e717edf	2024-12-05
https://git.kernel.org/stable/c/75e1e38e5d80d6d9011b7322698ffba3dd3db30a	2024-12-14
https://git.kernel.org/stable/c/28f8ffa945f7d7150463e15097ea73b19529d6f5	2024-12-14
https://git.kernel.org/stable/c/4ea3e3b761e371102bb1486778e2f8dbc9e37413	2024-12-14
https://git.kernel.org/stable/c/05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc	2024-12-14
https://git.kernel.org/stable/c/ae5253313e0ea5f00c06176074592b7f493c8546	2024-12-09
https://git.kernel.org/stable/c/ee36db8e8203420e6d5c42eb9428920c2fc36532	2024-12-05
https://git.kernel.org/stable/c/bba9e38c5ad41d0a88b22a59e5b6dd3e31825118	2024-12-05
https://git.kernel.org/stable/c/19630cf57233e845b6ac57c9c969a4888925467b	2024-11-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 4.19.325 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 4.19.325"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.4.287 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.4.287"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.10.231 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.10.231"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.15.174 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.15.174"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.1.120 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.1.120"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.6.64 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.6.64"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.11.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.11.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.12.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.12.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.13-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.13-rc1"		en		Affected