CVE-2026-45950

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 95% most likely to be exploited
Published: May 27, 2026 (44 days ago)
Last Modified: May 27, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's `starfive_aes_aead_do_one_req()` function within the crypto: starfive component. This vulnerability occurs because memory allocated for `rctx->adata` is not properly freed if `sg_copy_to_buffer()` or `starfive_aes_hw_init()` operations fail. This can lead to memory leaks, potentially impacting system stability and performance over time.

CWE

CWE-772

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References