CVE-2024-42155
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
s390/pkey: Wipe copies of protected- and secure-keys
Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or secure-keys from stack, even in case of an error.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | e80d4af0a320972aac58e2004d0ba4e44ef4c5c7 < c746f7ced4ad88ee48d0b6c92710e4674403185b | affected |
| Linux | Linux | e80d4af0a320972aac58e2004d0ba4e44ef4c5c7 < f2ebdadd85af4f4d0cae1e5d009c70eccc78c207 | affected |
| Linux | Linux | 4.11 | affected |
| Linux | Linux | 0 < 4.11 | unaffected |
| Linux | Linux | 6.9.9 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b
- https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b
- https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.