CVE-2024-56681

crypto: bcm - add error check in the ahash_hmac_init function

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahash_hmac_init function The ahash_init functions may return fails. The ahash_hmac_init should not return ok when ahash_init returns error. For an example, ahash_init will return -ENOMEM when allocation memory is error.

N/A
CVSS
Severity:
EPSS 0.07%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/8f1a9a960b1107bd0e0ec3736055f5ed0e717edf
https://git.kernel.org/stable/c/75e1e38e5d80d6d9011b7322698ffba3dd3db30a
https://git.kernel.org/stable/c/28f8ffa945f7d7150463e15097ea73b19529d6f5
https://git.kernel.org/stable/c/4ea3e3b761e371102bb1486778e2f8dbc9e37413
https://git.kernel.org/stable/c/05f0a3f5477ecaa1cf46448504afe9e7c2e96fcc
https://git.kernel.org/stable/c/ae5253313e0ea5f00c06176074592b7f493c8546
https://git.kernel.org/stable/c/ee36db8e8203420e6d5c42eb9428920c2fc36532
https://git.kernel.org/stable/c/bba9e38c5ad41d0a88b22a59e5b6dd3e31825118
https://git.kernel.org/stable/c/19630cf57233e845b6ac57c9c969a4888925467b

Frequently Asked Questions

What is the severity of CVE-2024-56681?
CVE-2024-56681 has not yet been assigned a CVSS score.
How to fix CVE-2024-56681?
To fix CVE-2024-56681, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-56681 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-56681 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-56681?
CVE-2024-56681 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.