CVE-2026-23344
ADVISORY - nistSummary
In the Linux kernel, the following vulnerability has been resolved:
crypto: ccp - Fix use-after-free on error path
In the error path of sev_tsm_init_locked(), the code dereferences 't' after it has been freed with kfree(). The pr_err() statement attempts to access t->tio_en and t->tio_init_done after the memory has been released.
Move the pr_err() call before kfree(t) to access the fields while the memory is still valid.
This issue reported by Smatch static analyser
EPSS Score: 0.0012 (0.022)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Use After Free
ADVISORY - redhat
Expired Pointer Dereference
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in