CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-23344

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sev_tsm_init_locked(), the code dereferences 't' after it has been freed with kfree(). The pr_err() statement attempts to access t->tio_en and t->tio_init_done after the memory has been released. Move the pr_err() call before kfree(t) to access the fields while the memory is still valid. This issue reported by Smatch static analyser

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.7%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2026-23344

Linux » Linux Kernel » Version: 6.19

cpe:2.3:o:linux:linux_kernel:6.19
Linux » Linux Kernel » Version: 6.19.1

cpe:2.3:o:linux:linux_kernel:6.19.1
Linux » Linux Kernel » Version: 6.19.3

cpe:2.3:o:linux:linux_kernel:6.19.3
Linux » Linux Kernel » Version: 6.19.4

cpe:2.3:o:linux:linux_kernel:6.19.4
Linux » Linux Kernel » Version: 7.0

cpe:2.3:o:linux:linux_kernel:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-23344

Products

Pricing

Contact Us