CVE-2026-45986

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - fix a memory leak in cc_mac_digest() Add cc_unmap_result() if cc_map_hash_request_final() fails to prevent potential memory leak.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/02c64052fad03699b9c6d1df2f9b444d17e4ac50	Patch
https://git.kernel.org/stable/c/22f1dd4ca3bfe77db52cc7df3cc353dc114aab8b	Patch
https://git.kernel.org/stable/c/3061c9bfb3f5b3522ab174e2fa7473b24422d1c6	Patch
https://git.kernel.org/stable/c/502440c235fe34cee02b24d7f893841f7565b3bc	Patch
https://git.kernel.org/stable/c/7c21d58fcd6ad8e15a539347254093c93224a8b2	Patch
https://git.kernel.org/stable/c/7cd17993adb8a5d14a7e84d751316a5fdf0c251f	Patch
https://git.kernel.org/stable/c/910f335786a0a0f0b46c3c8c19a13d25cb4454b6	Patch
https://git.kernel.org/stable/c/f53458c7c756b3e0838d51cf1e9f41b25079801a	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

16 Jun 2026, 14:04

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/02c64052fad03699b9c6d1df2f9b444d17e4ac50 -~~	() https://git.kernel.org/stable/c/02c64052fad03699b9c6d1df2f9b444d17e4ac50 - Patch
References	~~() https://git.kernel.org/stable/c/22f1dd4ca3bfe77db52cc7df3cc353dc114aab8b -~~	() https://git.kernel.org/stable/c/22f1dd4ca3bfe77db52cc7df3cc353dc114aab8b - Patch
References	~~() https://git.kernel.org/stable/c/3061c9bfb3f5b3522ab174e2fa7473b24422d1c6 -~~	() https://git.kernel.org/stable/c/3061c9bfb3f5b3522ab174e2fa7473b24422d1c6 - Patch
References	~~() https://git.kernel.org/stable/c/502440c235fe34cee02b24d7f893841f7565b3bc -~~	() https://git.kernel.org/stable/c/502440c235fe34cee02b24d7f893841f7565b3bc - Patch
References	~~() https://git.kernel.org/stable/c/7c21d58fcd6ad8e15a539347254093c93224a8b2 -~~	() https://git.kernel.org/stable/c/7c21d58fcd6ad8e15a539347254093c93224a8b2 - Patch
References	~~() https://git.kernel.org/stable/c/7cd17993adb8a5d14a7e84d751316a5fdf0c251f -~~	() https://git.kernel.org/stable/c/7cd17993adb8a5d14a7e84d751316a5fdf0c251f - Patch
References	~~() https://git.kernel.org/stable/c/910f335786a0a0f0b46c3c8c19a13d25cb4454b6 -~~	() https://git.kernel.org/stable/c/910f335786a0a0f0b46c3c8c19a13d25cb4454b6 - Patch
References	~~() https://git.kernel.org/stable/c/f53458c7c756b3e0838d51cf1e9f41b25079801a -~~	() https://git.kernel.org/stable/c/f53458c7c756b3e0838d51cf1e9f41b25079801a - Patch
First Time		Linux linux Kernel Linux
CWE		CWE-401
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

01 Jun 2026, 17:17

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/7c21d58fcd6ad8e15a539347254093c93224a8b2 - () https://git.kernel.org/stable/c/7cd17993adb8a5d14a7e84d751316a5fdf0c251f - () https://git.kernel.org/stable/c/f53458c7c756b3e0838d51cf1e9f41b25079801a -

27 May 2026, 14:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-27 14:17

Updated : 2026-06-17 10:52

NVD link : CVE-2026-45986

Mitre link : CVE-2026-45986

CVE.ORG link : CVE-2026-45986

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10