CVE-2024-56681

MEDIUM EPSS 13.5%
Published Dec 28, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Dec 28, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahash_hmac_init function The ahash_init functions may return fails. The ahash_hmac_init should not return ok when ahash_init returns error. For an example, ahash_init will return -ENOMEM when allocation memory is error.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥4.11  –  <4.19.325
linuxlinux_kernel*≥4.20  –  <5.4.287
linuxlinux_kernel*≥5.5  –  <5.10.231
linuxlinux_kernel*≥5.11  –  <5.15.174
linuxlinux_kernel*≥5.16  –  <6.1.120
linuxlinux_kernel*≥6.2  –  <6.6.64
linuxlinux_kernel*≥6.7  –  <6.11.11
linuxlinux_kernel*≥6.12  –  <6.12.2

References 11

  • git.kernel.org https://git.kernel.org/stable/c/05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/19630cf57233e845b6ac57c9c969a4888925467b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/28f8ffa945f7d7150463e15097ea73b19529d6f5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4ea3e3b761e371102bb1486778e2f8dbc9e37413
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/75e1e38e5d80d6d9011b7322698ffba3dd3db30a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ae5253313e0ea5f00c06176074592b7f493c8546
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ee36db8e8203420e6d5c42eb9428920c2fc36532
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/19630cf57233e845b6ac57c9c969a4888925467b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/28f8ffa945f7d7150463e15097ea73b19529d6f5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4ea3e3b761e371102bb1486778e2f8dbc9e37413
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/75e1e38e5d80d6d9011b7322698ffba3dd3db30a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ae5253313e0ea5f00c06176074592b7f493c8546
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ee36db8e8203420e6d5c42eb9428920c2fc36532
    Patch