CVE-2026-45950

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

In the Linux kernel, the following vulnerability has been resolved:

crypto: starfive - Fix memory leak in starfive aes aead do one req()

The starfive aes aead do one req() function allocates rctx->adata with kzalloc() but fails to free it if sg copy to buffer() or starfive aes hw init() fails, which lead to memory leaks.

Since rctx->adata is unconditionally freed after the write adata operations, ensure consistent cleanup by freeing the allocation in these earlier error paths as well.

Compile tested only. Issue found using a prototype static analysis tool and code review.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-45950

Affected Products

Linux

CVE-2026-45950

Related Identifiers

Affected Products

References · 5