2436800 – (CVE-2026-23044) CVE-2026-23044 kernel: PM: hibernate: Fix crash when freeing invalid crypto compressor

Bug 2436800 (CVE-2026-23044) - CVE-2026-23044 kernel: PM: hibernate: Fix crash when freeing invalid crypto compressor

Summary: CVE-2026-23044 kernel: PM: hibernate: Fix crash when freeing invalid crypto c...

Keywords:
Status:	NEW
Alias:	CVE-2026-23044
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-02-04 17:03 UTC by OSIDB Bzimport
Modified:	2026-02-11 00:30 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-02-04 17:03:59 UTC

In the Linux kernel, the following vulnerability has been resolved:

PM: hibernate: Fix crash when freeing invalid crypto compressor

When crypto_alloc_acomp() fails, it returns an ERR_PTR value, not NULL.

The cleanup code in save_compressed_image() and load_compressed_image()
unconditionally calls crypto_free_acomp() without checking for ERR_PTR,
which causes crypto_acomp_tfm() to dereference an invalid pointer and
crash the kernel.

This can be triggered when the compression algorithm is unavailable
(e.g., CONFIG_CRYPTO_LZO not enabled).

Fix by adding IS_ERR_OR_NULL() checks before calling crypto_free_acomp()
and acomp_request_free(), similar to the existing kthread_stop() check.

[ rjw: Added 2 empty code lines ]

Comment 1 Jon Moroney 2026-02-04 21:46:00 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026020439-CVE-2026-23044-3312@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.