CVE-2024-42155

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or secure-keys from stack, even in case of an error.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

21 Nov 2024, 09:33

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b - Patch () https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b - Patch
References () https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207 - Patch () https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207 - Patch

08 Aug 2024, 15:01

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b - () https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b - Patch
References () https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207 - () https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207 - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 1.9
CWE NVD-CWE-Other

30 Jul 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/pkey: borra copias de claves protegidas y seguras. Aunque la clave clara de las claves ni protegidas ni seguras es accesible, este material de clave solo debe ser visible para el proceso de llamada. Por lo tanto, borre todas las copias de claves protegidas o seguras de la pila, incluso en caso de error.

30 Jul 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-30 08:15

Updated : 2024-11-21 09:33


NVD link : CVE-2024-42155

Mitre link : CVE-2024-42155

CVE.ORG link : CVE-2024-42155


JSON object : View

Products Affected

linux

  • linux_kernel