{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26877", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.185Z", "datePublished": "2024-04-17T10:27:35.197Z", "dateUpdated": "2026-05-12T11:49:50.041Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:05:59.609Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: xilinx - call finalize with bh disabled\n\nWhen calling crypto_finalize_request, BH should be disabled to avoid\ntriggering the following calltrace:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 74 at crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118\n Modules linked in: cryptodev(O)\n CPU: 2 PID: 74 Comm: firmware:zynqmp Tainted: G O 6.8.0-rc1-yocto-standard #323\n Hardware name: ZynqMP ZCU102 Rev1.0 (DT)\n pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : crypto_finalize_request+0xa0/0x118\n lr : crypto_finalize_request+0x104/0x118\n sp : ffffffc085353ce0\n x29: ffffffc085353ce0 x28: 0000000000000000 x27: ffffff8808ea8688\n x26: ffffffc081715038 x25: 0000000000000000 x24: ffffff880100db00\n x23: ffffff880100da80 x22: 0000000000000000 x21: 0000000000000000\n x20: ffffff8805b14000 x19: ffffff880100da80 x18: 0000000000010450\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000003 x13: 0000000000000000 x12: ffffff880100dad0\n x11: 0000000000000000 x10: ffffffc0832dcd08 x9 : ffffffc0812416d8\n x8 : 00000000000001f4 x7 : ffffffc0830d2830 x6 : 0000000000000001\n x5 : ffffffc082091000 x4 : ffffffc082091658 x3 : 0000000000000000\n x2 : ffffffc7f9653000 x1 : 0000000000000000 x0 : ffffff8802d20000\n Call trace:\n crypto_finalize_request+0xa0/0x118\n crypto_finalize_aead_request+0x18/0x30\n zynqmp_handle_aes_req+0xcc/0x388\n crypto_pump_work+0x168/0x2d8\n kthread_worker_fn+0xfc/0x3a0\n kthread+0x118/0x138\n ret_from_fork+0x10/0x20\n irq event stamp: 40\n hardirqs last enabled at (39): [<ffffffc0812416f8>] _raw_spin_unlock_irqrestore+0x70/0xb0\n hardirqs last disabled at (40): [<ffffffc08122d208>] el1_dbg+0x28/0x90\n softirqs last enabled at (36): [<ffffffc080017dec>] kernel_neon_begin+0x8c/0xf0\n softirqs last disabled at (34): [<ffffffc080017dc0>] kernel_neon_begin+0x60/0xf0\n ---[ end trace 0000000000000000 ]---"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/xilinx/zynqmp-aes-gcm.c"], "versions": [{"version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "8a01335aedc50a66d04dd39203c89f4bc8042596", "status": "affected", "versionType": "git"}, {"version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "03e6d4e948432a61b35783323b6ab2be071d2619", "status": "affected", "versionType": "git"}, {"version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "a71f66bd5f7b9b35a8aaa49e29565eca66299399", "status": "affected", "versionType": "git"}, {"version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "23bc89fdce71124cd2126fc919c7076e7cb489cf", "status": "affected", "versionType": "git"}, {"version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "9db89b1fb85557892e6681724b367287de5f9f20", "status": "affected", "versionType": "git"}, {"version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "dbf291d8ffffb70f48286176a15c6c54f0bb0743", "status": "affected", "versionType": "git"}, {"version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "a853450bf4c752e664abab0b2fad395b7ad7701c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/xilinx/zynqmp-aes-gcm.c"], "versions": [{"version": "5.7", "status": "affected"}, {"version": "0", "lessThan": "5.7", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "5.10.214"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "5.15.153"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.1.83"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.6.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.8.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8a01335aedc50a66d04dd39203c89f4bc8042596"}, {"url": "https://git.kernel.org/stable/c/03e6d4e948432a61b35783323b6ab2be071d2619"}, {"url": "https://git.kernel.org/stable/c/a71f66bd5f7b9b35a8aaa49e29565eca66299399"}, {"url": "https://git.kernel.org/stable/c/23bc89fdce71124cd2126fc919c7076e7cb489cf"}, {"url": "https://git.kernel.org/stable/c/9db89b1fb85557892e6681724b367287de5f9f20"}, {"url": "https://git.kernel.org/stable/c/dbf291d8ffffb70f48286176a15c6c54f0bb0743"}, {"url": "https://git.kernel.org/stable/c/a853450bf4c752e664abab0b2fad395b7ad7701c"}], "title": "crypto: xilinx - call finalize with bh disabled", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.426Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8a01335aedc50a66d04dd39203c89f4bc8042596", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/03e6d4e948432a61b35783323b6ab2be071d2619", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a71f66bd5f7b9b35a8aaa49e29565eca66299399", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/23bc89fdce71124cd2126fc919c7076e7cb489cf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9db89b1fb85557892e6681724b367287de5f9f20", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dbf291d8ffffb70f48286176a15c6c54f0bb0743", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a853450bf4c752e664abab0b2fad395b7ad7701c", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26877", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:28.996233Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:26.216Z"}}, {"x_adpType": "supplier", "providerMetadata": {"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-05-12T11:49:50.041Z"}, "affected": [{"vendor": "Siemens", "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}]}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8a01335aedc50a66d04dd39203c89f4bc8042596", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/03e6d4e948432a61b35783323b6ab2be071d2619", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a71f66bd5f7b9b35a8aaa49e29565eca66299399", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/23bc89fdce71124cd2126fc919c7076e7cb489cf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9db89b1fb85557892e6681724b367287de5f9f20", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dbf291d8ffffb70f48286176a15c6c54f0bb0743", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a853450bf4c752e664abab0b2fad395b7ad7701c", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.426Z"}}, {"affected": [{"vendor": "Siemens", "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "x_adpType": "supplier", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}], "providerMetadata": {"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-05-12T11:49:50.041Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26877", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:28.996233Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.675Z"}}], "cna": {"title": "crypto: xilinx - call finalize with bh disabled", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "8a01335aedc50a66d04dd39203c89f4bc8042596", "versionType": "git"}, {"status": "affected", "version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "03e6d4e948432a61b35783323b6ab2be071d2619", "versionType": "git"}, {"status": "affected", "version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "a71f66bd5f7b9b35a8aaa49e29565eca66299399", "versionType": "git"}, {"status": "affected", "version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "23bc89fdce71124cd2126fc919c7076e7cb489cf", "versionType": "git"}, {"status": "affected", "version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "9db89b1fb85557892e6681724b367287de5f9f20", "versionType": "git"}, {"status": "affected", "version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "dbf291d8ffffb70f48286176a15c6c54f0bb0743", "versionType": "git"}, {"status": "affected", "version": "4d96f7d48131fefe30d7c1d1e2a23ef37164dbf5", "lessThan": "a853450bf4c752e664abab0b2fad395b7ad7701c", "versionType": "git"}], "programFiles": ["drivers/crypto/xilinx/zynqmp-aes-gcm.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.7"}, {"status": "unaffected", "version": "0", "lessThan": "5.7", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.214", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/crypto/xilinx/zynqmp-aes-gcm.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/8a01335aedc50a66d04dd39203c89f4bc8042596"}, {"url": "https://git.kernel.org/stable/c/03e6d4e948432a61b35783323b6ab2be071d2619"}, {"url": "https://git.kernel.org/stable/c/a71f66bd5f7b9b35a8aaa49e29565eca66299399"}, {"url": "https://git.kernel.org/stable/c/23bc89fdce71124cd2126fc919c7076e7cb489cf"}, {"url": "https://git.kernel.org/stable/c/9db89b1fb85557892e6681724b367287de5f9f20"}, {"url": "https://git.kernel.org/stable/c/dbf291d8ffffb70f48286176a15c6c54f0bb0743"}, {"url": "https://git.kernel.org/stable/c/a853450bf4c752e664abab0b2fad395b7ad7701c"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: xilinx - call finalize with bh disabled\n\nWhen calling crypto_finalize_request, BH should be disabled to avoid\ntriggering the following calltrace:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 74 at crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118\n Modules linked in: cryptodev(O)\n CPU: 2 PID: 74 Comm: firmware:zynqmp Tainted: G O 6.8.0-rc1-yocto-standard #323\n Hardware name: ZynqMP ZCU102 Rev1.0 (DT)\n pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : crypto_finalize_request+0xa0/0x118\n lr : crypto_finalize_request+0x104/0x118\n sp : ffffffc085353ce0\n x29: ffffffc085353ce0 x28: 0000000000000000 x27: ffffff8808ea8688\n x26: ffffffc081715038 x25: 0000000000000000 x24: ffffff880100db00\n x23: ffffff880100da80 x22: 0000000000000000 x21: 0000000000000000\n x20: ffffff8805b14000 x19: ffffff880100da80 x18: 0000000000010450\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000003 x13: 0000000000000000 x12: ffffff880100dad0\n x11: 0000000000000000 x10: ffffffc0832dcd08 x9 : ffffffc0812416d8\n x8 : 00000000000001f4 x7 : ffffffc0830d2830 x6 : 0000000000000001\n x5 : ffffffc082091000 x4 : ffffffc082091658 x3 : 0000000000000000\n x2 : ffffffc7f9653000 x1 : 0000000000000000 x0 : ffffff8802d20000\n Call trace:\n crypto_finalize_request+0xa0/0x118\n crypto_finalize_aead_request+0x18/0x30\n zynqmp_handle_aes_req+0xcc/0x388\n crypto_pump_work+0x168/0x2d8\n kthread_worker_fn+0xfc/0x3a0\n kthread+0x118/0x138\n ret_from_fork+0x10/0x20\n irq event stamp: 40\n hardirqs last enabled at (39): [<ffffffc0812416f8>] _raw_spin_unlock_irqrestore+0x70/0xb0\n hardirqs last disabled at (40): [<ffffffc08122d208>] el1_dbg+0x28/0x90\n softirqs last enabled at (36): [<ffffffc080017dec>] kernel_neon_begin+0x8c/0xf0\n softirqs last disabled at (34): [<ffffffc080017dc0>] kernel_neon_begin+0x60/0xf0\n ---[ end trace 0000000000000000 ]---"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.214", "versionStartIncluding": "5.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.153", "versionStartIncluding": "5.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.23", "versionStartIncluding": "5.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7.11", "versionStartIncluding": "5.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.2", "versionStartIncluding": "5.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9", "versionStartIncluding": "5.7"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:05:59.609Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26877", "state": "PUBLISHED", "dateUpdated": "2026-05-12T11:49:50.041Z", "dateReserved": "2024-02-19T14:20:24.185Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-17T10:27:35.197Z", "assignerShortName": "Linux"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CFC410C-9CA9-4D1C-BF75-DCE173F26777", "versionEndExcluding": "5.10.214", "versionStartIncluding": "5.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B", "versionEndExcluding": "5.15.153", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19", "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: xilinx - call finalize with bh disabled\n\nWhen calling crypto_finalize_request, BH should be disabled to avoid\ntriggering the following calltrace:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 74 at crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118\n Modules linked in: cryptodev(O)\n CPU: 2 PID: 74 Comm: firmware:zynqmp Tainted: G O 6.8.0-rc1-yocto-standard #323\n Hardware name: ZynqMP ZCU102 Rev1.0 (DT)\n pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : crypto_finalize_request+0xa0/0x118\n lr : crypto_finalize_request+0x104/0x118\n sp : ffffffc085353ce0\n x29: ffffffc085353ce0 x28: 0000000000000000 x27: ffffff8808ea8688\n x26: ffffffc081715038 x25: 0000000000000000 x24: ffffff880100db00\n x23: ffffff880100da80 x22: 0000000000000000 x21: 0000000000000000\n x20: ffffff8805b14000 x19: ffffff880100da80 x18: 0000000000010450\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000003 x13: 0000000000000000 x12: ffffff880100dad0\n x11: 0000000000000000 x10: ffffffc0832dcd08 x9 : ffffffc0812416d8\n x8 : 00000000000001f4 x7 : ffffffc0830d2830 x6 : 0000000000000001\n x5 : ffffffc082091000 x4 : ffffffc082091658 x3 : 0000000000000000\n x2 : ffffffc7f9653000 x1 : 0000000000000000 x0 : ffffff8802d20000\n Call trace:\n crypto_finalize_request+0xa0/0x118\n crypto_finalize_aead_request+0x18/0x30\n zynqmp_handle_aes_req+0xcc/0x388\n crypto_pump_work+0x168/0x2d8\n kthread_worker_fn+0xfc/0x3a0\n kthread+0x118/0x138\n ret_from_fork+0x10/0x20\n irq event stamp: 40\n hardirqs last enabled at (39): [<ffffffc0812416f8>] _raw_spin_unlock_irqrestore+0x70/0xb0\n hardirqs last disabled at (40): [<ffffffc08122d208>] el1_dbg+0x28/0x90\n softirqs last enabled at (36): [<ffffffc080017dec>] kernel_neon_begin+0x8c/0xf0\n softirqs last disabled at (34): [<ffffffc080017dc0>] kernel_neon_begin+0x60/0xf0\n ---[ end trace 0000000000000000 ]---"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: xilinx - llamada a finalizar con bh deshabilitado Al llamar a crypto_finalize_request, BH debe estar deshabilitado para evitar que se active el siguiente seguimiento de llamadas: ------------[ cut aqu\u00ed ]------------ ADVERTENCIA: CPU: 2 PID: 74 en crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118 M\u00f3dulos vinculados en: cryptodev(O) CPU: 2 PID: 74 Comm : firmware:zynqmp Contaminado: GO 6.8.0-rc1-yocto-standard #323 Nombre del hardware: ZynqMP ZCU102 Rev1.0 (DT) pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc: crypto_finalize_request+0xa0/0x118 lr: crypto_finalize_request+0x104/0x118 sp: ffffffc085353ce0 x29: ffffffc085353ce0 x28: 00000000000000000 x27: ffffff8808ea8688 x26: 15038 x25: 0000000000000000 x24: ffffff880100db00 x23: ffffff880100da80 x22: 0000000000000000 x21: 0000000000000000 x20: ffffff8805b14000 x19: ffffff880100da80 x18: 0000000000010450 x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 x14: 0000000000000003 x13: 0000000000000000 x12: ffffff880100dad0 x11: 0000000000000000 x10: ffffffc0832dcd08 x9 : ffffffc0812416d8 x8 : 00000000000001f4 x7 : ffffffc0830d2830 x6 : 0000000000000001 x5 : ffffffc082091000 x4 : ffffffc082091658 x3 : 0000000000000000 x2 : ffffffc7f9653000 x1: 0000000000000000 x0: ffffff8802d20000 Rastreo de llamadas: crypto_finalize_request+0xa0/0x118 crypto_finalize_aead_request+0x18/0x30 zynqmp_handle_aes_req+0xcc/0x388 crypto_pump_work+0x 168/0x2d8 kthread_worker_fn+0xfc/0x3a0 kthread+0x118/0x138 ret_from_fork+0x10/0x20 sello de evento irq: 40 hardirqs habilitado por \u00faltima vez en (39): [] _raw_spin_unlock_irqrestore+0x70/0xb0 hardirqs habilitado por \u00faltima vez en (40): [] el1_dbg+0x28/0x90 softirqs habilitado por \u00faltima vez en (36): [] _comenzar +0x8c/0xf0 softirqs se deshabilit\u00f3 por \u00faltima vez en (34): [] kernel_neon_begin+0x60/0xf0 ---[ final de seguimiento 0000000000000000 ]---"}], "id": "CVE-2024-26877", "lastModified": "2026-05-12T12:16:22.737", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-17T11:15:09.820", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/03e6d4e948432a61b35783323b6ab2be071d2619"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/23bc89fdce71124cd2126fc919c7076e7cb489cf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8a01335aedc50a66d04dd39203c89f4bc8042596"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9db89b1fb85557892e6681724b367287de5f9f20"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a71f66bd5f7b9b35a8aaa49e29565eca66299399"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a853450bf4c752e664abab0b2fad395b7ad7701c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dbf291d8ffffb70f48286176a15c6c54f0bb0743"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/03e6d4e948432a61b35783323b6ab2be071d2619"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/23bc89fdce71124cd2126fc919c7076e7cb489cf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8a01335aedc50a66d04dd39203c89f4bc8042596"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9db89b1fb85557892e6681724b367287de5f9f20"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a71f66bd5f7b9b35a8aaa49e29565eca66299399"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a853450bf4c752e664abab0b2fad395b7ad7701c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dbf291d8ffffb70f48286176a15c6c54f0bb0743"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: crypto: xilinx - call finalize with bh disabled", "id": "2275697", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275697"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-413", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncrypto: xilinx - call finalize with bh disabled\nWhen calling crypto_finalize_request, BH should be disabled to avoid\ntriggering the following calltrace:\n------------[ cut here ]------------\nWARNING: CPU: 2 PID: 74 at crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118\nModules linked in: cryptodev(O)\nCPU: 2 PID: 74 Comm: firmware:zynqmp Tainted: G O 6.8.0-rc1-yocto-standard #323\nHardware name: ZynqMP ZCU102 Rev1.0 (DT)\npstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : crypto_finalize_request+0xa0/0x118\nlr : crypto_finalize_request+0x104/0x118\nsp : ffffffc085353ce0\nx29: ffffffc085353ce0 x28: 0000000000000000 x27: ffffff8808ea8688\nx26: ffffffc081715038 x25: 0000000000000000 x24: ffffff880100db00\nx23: ffffff880100da80 x22: 0000000000000000 x21: 0000000000000000\nx20: ffffff8805b14000 x19: ffffff880100da80 x18: 0000000000010450\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000003 x13: 0000000000000000 x12: ffffff880100dad0\nx11: 0000000000000000 x10: ffffffc0832dcd08 x9 : ffffffc0812416d8\nx8 : 00000000000001f4 x7 : ffffffc0830d2830 x6 : 0000000000000001\nx5 : ffffffc082091000 x4 : ffffffc082091658 x3 : 0000000000000000\nx2 : ffffffc7f9653000 x1 : 0000000000000000 x0 : ffffff8802d20000\nCall trace:\ncrypto_finalize_request+0xa0/0x118\ncrypto_finalize_aead_request+0x18/0x30\nzynqmp_handle_aes_req+0xcc/0x388\ncrypto_pump_work+0x168/0x2d8\nkthread_worker_fn+0xfc/0x3a0\nkthread+0x118/0x138\nret_from_fork+0x10/0x20\nirq event stamp: 40\nhardirqs last enabled at (39): [<ffffffc0812416f8>] _raw_spin_unlock_irqrestore+0x70/0xb0\nhardirqs last disabled at (40): [<ffffffc08122d208>] el1_dbg+0x28/0x90\nsoftirqs last enabled at (36): [<ffffffc080017dec>] kernel_neon_begin+0x8c/0xf0\nsoftirqs last disabled at (34): [<ffffffc080017dc0>] kernel_neon_begin+0x60/0xf0\n---[ end trace 0000000000000000 ]---", "A vulnerability was found in the Linux kernel's Xilinx crypto driver. This issue is caused by failing to disable bottom halves (BH) when calling the `crypto_finalize_request` function, leading to potential system warnings and call traces."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-26877", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26877\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26877\nhttps://lore.kernel.org/linux-cve-announce/2024041739-CVE-2024-26877-72a3@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}

{}