CVE-2026-23044
Use-After-Free Vulnerability in Linux Kernel PM Hibernate Causes Crash

Publication date: 2026-02-04

Last updated on: 2026-02-04

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

PM: hibernate: Fix crash when freeing invalid crypto compressor

When crypto_alloc_acomp() fails, it returns an ERR_PTR value, not NULL. The cleanup code in save_compressed_image() and load_compressed_image() unconditionally calls crypto_free_acomp() without checking for ERR_PTR, which causes crypto_acomp_tfm() to dereference an invalid pointer and crash the kernel.

This can be triggered when the compression algorithm is unavailable (e.g., CONFIG_CRYPTO_LZO not enabled).

Fix by adding IS_ERR_OR_NULL() checks before calling crypto_free_acomp() and acomp_request_free(), similar to the existing kthread_stop() check.

[ rjw: Added 2 empty code lines ]
Meta Information
Generated: 2026-06-16
AI Q&A: 2026-02-04
EPSS evaluated: 2026-06-15
Affected Vendors & Products
Vendor   Product        Version / Range
linux    linux_kernel   *
Executive Summary

This vulnerability exists in the Linux kernel's power management hibernate functionality. Specifically, when the function crypto_alloc_acomp() fails, it returns an error pointer (ERR_PTR) instead of NULL. However, the cleanup code in save_compressed_image() and load_compressed_image() does not check for this error pointer and calls crypto_free_acomp() unconditionally. This leads to dereferencing an invalid pointer, causing the kernel to crash.

The issue can be triggered if the compression algorithm is unavailable, for example, if CONFIG_CRYPTO_LZO is not enabled in the kernel configuration. The fix involves adding proper checks (IS_ERR_OR_NULL()) before calling crypto_free_acomp() and acomp_request_free() to avoid freeing invalid pointers.

Impact Analysis

This vulnerability can cause the Linux kernel to crash during hibernation when the compression algorithm is unavailable or crypto_alloc_acomp() fails. A kernel crash can lead to system instability, unexpected reboots, potential data loss, and denial of service conditions.

Mitigation Strategies

To mitigate this vulnerability, ensure that the Linux kernel is updated to a version where the fix has been applied.

The fix involves adding proper checks (IS_ERR_OR_NULL()) before calling crypto_free_acomp() and acomp_request_free() to prevent kernel crashes.

Additionally, verify that the compression algorithm (e.g., CONFIG_CRYPTO_LZO) is enabled if compression is required, to avoid triggering the issue.
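The description and the mitigation section above both turn on one detail: crypto_alloc_acomp() reports failure with an ERR_PTR value, so a NULL check does not protect the cleanup path. The following is an added, self-contained C model (not kernel code and not part of this record) that reimplements the ERR_PTR / IS_ERR_OR_NULL helpers in user space, stands in a small struct for the compressor transform, and runs the hibernate save path's cleanup both as the description says it was before the fix (unconditional free) and as the fix does it (guarded by IS_ERR_OR_NULL()). Because an actual dereference of an ERR_PTR would fault, the model reports that condition as OUTCOME_KERNEL_CRASH instead of taking the fault. All names other than the kernel helpers (model_alloc_acomp, model_free_acomp, save_image, the outcome codes) are constructed for the example.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Userland model of the kernel's ERR_PTR helpers (include/linux/err.h).
 * An errno is encoded in the top MAX_ERRNO values of the address space, so a
 * failed allocation yields a non-NULL pointer that must never be read through.
 * Constructed for this example. */
#define MAX_ERRNO 4095
static inline void *ERR_PTR(long error) { return (void *)error; }
static inline long PTR_ERR(const void *ptr) { return (long)ptr; }
static inline bool IS_ERR(const void *ptr)
{
    return (unsigned long)ptr >= (unsigned long)-MAX_ERRNO;
}
static inline bool IS_ERR_OR_NULL(const void *ptr) { return !ptr || IS_ERR(ptr); }

/* Stand-in for the compressor transform object (constructed). */
struct model_acomp { char alg[16]; };

enum outcome {
    OUTCOME_OK = 0,           /* image path completed, resources released   */
    OUTCOME_ALLOC_FAILED = 1, /* compressor unavailable, cleanup ran safely */
    OUTCOME_KERNEL_CRASH = 2, /* cleanup read through an ERR_PTR (an oops)  */
};

/* Models crypto_alloc_acomp(): on failure it returns ERR_PTR(-ENOENT),
 * not NULL, which is the case the description is about. */
static void *model_alloc_acomp(const char *alg, bool alg_available)
{
    if (!alg_available)
        return ERR_PTR(-ENOENT);
    struct model_acomp *tfm = malloc(sizeof *tfm);
    if (!tfm)
        return ERR_PTR(-ENOMEM);
    snprintf(tfm->alg, sizeof tfm->alg, "%s", alg);
    return tfm;
}

/* Models crypto_free_acomp(): per the description, the kernel's version
 * dereferences the pointer (crypto_acomp_tfm()) before freeing, so an
 * ERR_PTR or NULL here is a fault. The model reports it instead. */
static enum outcome model_free_acomp(struct model_acomp *tfm)
{
    if (IS_ERR_OR_NULL(tfm))
        return OUTCOME_KERNEL_CRASH;
    free(tfm);
    return OUTCOME_OK;
}

/* Cleanup as described before the fix: free unconditionally. */
static enum outcome cleanup_unchecked(struct model_acomp *tfm)
{
    return model_free_acomp(tfm);
}

/* Cleanup as described in the fix: guard the free with IS_ERR_OR_NULL(). */
static enum outcome cleanup_checked(struct model_acomp *tfm)
{
    if (!IS_ERR_OR_NULL(tfm))
        return model_free_acomp(tfm);
    return OUTCOME_OK;
}

/* Skeleton of a save path: allocate the compressor, do the work, then jump
 * to a shared cleanup label the way the kernel code does. */
static enum outcome save_image(bool alg_available, bool fixed)
{
    struct model_acomp *tfm = model_alloc_acomp("lzo", alg_available);
    enum outcome ret = OUTCOME_OK;

    if (IS_ERR(tfm)) {
        fprintf(stderr, "compressor alloc failed: errno %ld\n", -PTR_ERR(tfm));
        ret = OUTCOME_ALLOC_FAILED;
        goto out_clean;
    }
    /* ... compression of the hibernation image would happen here ... */

out_clean:
    if ((fixed ? cleanup_checked(tfm) : cleanup_unchecked(tfm)) == OUTCOME_KERNEL_CRASH)
        return OUTCOME_KERNEL_CRASH;
    return ret;
}

int main(void)
{
    printf("unfixed, LZO missing: %d\n", save_image(false, false));
    printf("fixed,   LZO missing: %d\n", save_image(false, true));
    printf("fixed,   LZO present: %d\n", save_image(true, true));
    return 0;
}
```

The point the model makes visible is that `if (tfm)` would pass for an ERR_PTR, so only the IS_ERR_OR_NULL() guard turns the "compressor missing" case into a clean error return; with the compressor present, both cleanup variants behave identically, which is why the bug only shows up on kernels built without the algorithm.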
