CVE-2024-26945

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-26945
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix nr_cpus < nr_iaa case If nr_cpus < nr_iaa, the calculated cpus_per_iaa will be 0, which causes a divide-by-0 in rebalance_wq_table(). Make sure cpus_per_iaa is 1 in that case, and also in the nr_iaa == 0 case, even though cpus_per_iaa is never used if nr_iaa == 0, for paranoia.

8.4 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/5a7e89d3315d1be86aff8a8bf849023cda6547f7 Patch
https://git.kernel.org/stable/c/a5ca1be7f9817de4e93085778b3ee2219bdc2664 Patch
https://git.kernel.org/stable/c/5a7e89d3315d1be86aff8a8bf849023cda6547f7 Patch
https://git.kernel.org/stable/c/a5ca1be7f9817de4e93085778b3ee2219bdc2664 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
History

20 Mar 2025, 21:26

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/5a7e89d3315d1be86aff8a8bf849023cda6547f7 - () https://git.kernel.org/stable/c/5a7e89d3315d1be86aff8a8bf849023cda6547f7 - Patch
References () https://git.kernel.org/stable/c/a5ca1be7f9817de4e93085778b3ee2219bdc2664 - () https://git.kernel.org/stable/c/a5ca1be7f9817de4e93085778b3ee2219bdc2664 - Patch
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

21 Nov 2024, 09:03

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/5a7e89d3315d1be86aff8a8bf849023cda6547f7 - () https://git.kernel.org/stable/c/5a7e89d3315d1be86aff8a8bf849023cda6547f7 -
References () https://git.kernel.org/stable/c/a5ca1be7f9817de4e93085778b3ee2219bdc2664 - () https://git.kernel.org/stable/c/a5ca1be7f9817de4e93085778b3ee2219bdc2664 -

03 Jul 2024, 01:50

Type Values Removed Values Added
CWE CWE-369
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.4
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: crypto: iaa - Corrige el caso nr_cpus &lt; nr_iaa Si nr_cpus &lt; nr_iaa, el cpus_per_iaa calculado será 0, lo que provoca una división por 0 en rebalance_wq_table(). Asegúrese de que cpus_per_iaa sea 1 en ese caso, y también en el caso de nr_iaa == 0, aunque cpus_per_iaa nunca se use si nr_iaa == 0, para paranoia.

01 May 2024, 06:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-01 06:15

Updated : 2025-03-20 21:26

NVD link : CVE-2024-26945

Mitre link : CVE-2024-26945

CVE.ORG link : CVE-2024-26945

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-369

Divide By Zero