Linux · Linux Kernel · CVE-2024-39478
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to the crypto starfive module in the Linux kernel, where a variable length buffer allocated in the software stack for RSA text data is freed, causing undefined behavior in subsequent operations. This is due to the function `starfive rsa enc core()` in the module drivers/crypto/starfive/jh7110-rsa.c, which is associated with the reuse of previously freed memory. Exploitation of this issue may allow an attacker to impact the availability of protected information.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.