PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-26877 Linux CVE debrief

CVE-2024-26877 is a Linux kernel issue in the Xilinx crypto driver finalize path. According to the kernel fix note, crypto_finalize_request must be called with bottom halves disabled; otherwise the crypto engine can trigger a kernel WARNING and call trace during AEAD request completion. The NVD record rates the issue as medium severity, with availability impact only.

Vendor: Linux
Product: CVE-2024-26877
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-04-17
Original CVE updated: 2026-05-12
Advisory published: 2024-04-17
Advisory updated: 2026-05-12

Who should care

Linux kernel maintainers, distro and embedded-device operators, and anyone running affected kernel versions on systems that use the Xilinx/ZynqMP crypto engine path. This is especially relevant for embedded and vendor kernels that include the Xilinx crypto driver or backports of it.

Technical summary

The kernel report states that zynqmp_handle_aes_req can reach crypto_finalize_aead_request and then crypto_finalize_request while BH is still enabled, which triggers a WARNING in crypto/crypto_engine.c. The fix is to call finalize with BH disabled. NVD lists affected Linux kernel ranges up to 5.10.214, 5.15.153, 6.1.83, 6.6.23, 6.7.11, and 6.8.2, plus Debian Linux 10.0 in its CPE set. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating a local, low-privilege availability issue.

Defensive priority

Medium. The main risk is kernel instability or noisy warning conditions in affected deployments, not data exposure or integrity compromise.

Recommended defensive actions

  • Update to a kernel release that includes the upstream/stable fix for the Xilinx crypto driver finalize path.
  • If you consume vendor or distro kernels, verify whether the fix was backported rather than relying only on base version numbers.
  • Check affected hosts against the NVD version ranges and the Debian 10 advisory context before planning remediation.
  • Prioritize systems that use the Xilinx/ZynqMP crypto engine or related out-of-tree crypto modules.
  • Monitor affected environments for repeated kernel warnings in crypto_finalize_request / crypto_finalize_aead_request paths until patched.
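A small triage helper for the version-range and backport checks above. This is an added example written for this debrief, not code from PatchSiren, NVD or the kernel project; it only encodes the first fixed stable release per branch as quoted in the technical summary, and it deliberately refuses to call a vendor/distro build "affected" or "fixed" from `uname -r` alone, because such builds carry backports that the version string does not show.

```python
import re

# First fixed release of each stable branch, as listed in the NVD record quoted above.
# Releases of a branch below its fixed version fall inside the affected range.
FIXED_BY_BRANCH = {
    (5, 10): (5, 10, 214),
    (5, 15): (5, 15, 153),
    (6, 1): (6, 1, 83),
    (6, 6): (6, 6, 23),
    (6, 7): (6, 7, 11),
    (6, 8): (6, 8, 2),
}
LAST_LISTED_BRANCH = (6, 8)

# major.minor[.patch] followed by an optional vendor suffix such as "-18-amd64" or "+"
_RELEASE_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?P<suffix>[-+].*)?$")


def parse_release(release):
    """Split a `uname -r` string into ((major, minor, patch), has_suffix), or None."""
    m = _RELEASE_RE.match(release.strip())
    if not m:
        return None
    version = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    return version, m.group("suffix") is not None


def assess(release):
    """Return (status, detail) for one kernel release string.

    status: "fixed" (at/above the branch's fixed release), "affected" (plain
    upstream release below it), "verify" (vendor build below it; backport
    unknown), "unlisted" (branch outside the quoted ranges), or "unknown".
    """
    parsed = parse_release(release)
    if parsed is None:
        return "unknown", f"could not parse {release!r}"
    version, has_suffix = parsed
    fixed = FIXED_BY_BRANCH.get(version[:2])
    if fixed is None:
        if version[:2] > LAST_LISTED_BRANCH:
            return "unlisted", "branch newer than the listed affected ranges"
        return "unlisted", "branch not in the listed stable ranges; check vendor advisory"
    if version >= fixed:
        return "fixed", f"{version} >= first fixed {fixed}"
    if has_suffix:
        # Debian "6.1.0-18-amd64" and similar: the stable patch level lives in the
        # package changelog, not in uname -r, so a backport cannot be ruled out here.
        return "verify", f"vendor build below {fixed}; confirm backport via package changelog"
    return "affected", f"{version} < first fixed {fixed}"
```

Feed it the output of `uname -r` from each host; "verify" results are the ones the backport check in the list above applies to.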

Evidence notes

The summary is based on the CVE description provided in the source corpus and the official NVD record. The description includes an explicit kernel warning/call trace and the stated fix requirement: call crypto_finalize_request with BH disabled. The NVD metadata provides the affected version ranges, CVSS vector, and official patch/advisory references. No exploit code or unsupported impact claims are included.

Official resources

Published 2024-04-17T11:15:09.820Z; modified 2026-05-12T12:16:22.737Z. These timestamps are from the CVE/NVD source record and should be treated as the issue publication and modification dates.