CVE-2026-31543
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying
When debug logging is enabled, read_key_from_user_keying() logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 479e58549b0fa7e80f1e0b9e69e0a2a8e6711132 < 4897bd307ba8757c31a3325ba6730961be606016 | affected |
| Linux | Linux | 479e58549b0fa7e80f1e0b9e69e0a2a8e6711132 < ed8d91f469845d62d44c565a55d2ab1767969357 | affected |
| Linux | Linux | 479e58549b0fa7e80f1e0b9e69e0a2a8e6711132 < 36f46b0e36892eba08978eef7502ff3c94ddba77 | affected |
| Linux | Linux | 6.16 | affected |
| Linux | Linux | 0 < 6.16 | unaffected |
| Linux | Linux | 6.18.20 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.10 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/4897bd307ba8757c31a3325ba6730961be606016
- https://git.kernel.org/stable/c/ed8d91f469845d62d44c565a55d2ab1767969357
- https://git.kernel.org/stable/c/36f46b0e36892eba08978eef7502ff3c94ddba77
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.