[PATCH v2] crypto/openssl: fix use-after-free bug and cleanup

Akhil Goyal gakhil at marvell.com
Sat Jun 20 21:21:09 CEST 2026

Previous message (by thread): [PATCH v2] crypto/openssl: fix use-after-free bug and cleanup
Next message (by thread): [PATCH v2 1/2] app/crypto-perf: support ML KEM
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> -----Original Message-----
> From: Pratik Senapati <psenapati at marvell.com>
> Sent: Tuesday, June 9, 2026 11:23 AM
> To: dev at dpdk.org
> Cc: Akhil Goyal <gakhil at marvell.com>; kai.ji at intel.com; stable at dpdk.org
> Subject: [PATCH v2] crypto/openssl: fix use-after-free bug and cleanup
> 
> params is freed before it is used by
> EVP_PKEY_decapsulate_init()
> causing a use-after-free issue.
> 
> Pass NULL to EVP_PKEY_decapsulate_init()
> instead of params to avoid it.
> 
> Add resource cleanup for all error paths in the
> ML-KEM decapsulate and encapsulate handlers.
> 
> Consolidate cleanup into multiple goto labels;
> err_decap, err_pkey, err_params for decap and
> err_encap, err_pkey, err_params for encap.
> 
> Fixes: 5f761d7b605e ("crypto/openssl: support ML-KEM and ML-DSA")
> Cc: stable at dpdk.org
> 
> Signed-off-by: Pratik Senapati <psenapati at marvell.com>
Acked-by: Akhil Goyal <gakhil at marvell.com>

Applied to dpdk-next-crypto
Thanks.

Previous message (by thread): [PATCH v2] crypto/openssl: fix use-after-free bug and cleanup
Next message (by thread): [PATCH v2 1/2] app/crypto-perf: support ML KEM
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list