CVE-2024-42156

medium

Description

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key.

References

https://git.kernel.org/stable/c/d65d76a44ffe74c73298ada25b0f578680576073

https://git.kernel.org/stable/c/a891938947f4427f98cb1ce54f27223501efe750

https://git.kernel.org/stable/c/7f6243edd901b75aaece326c90a1cc0dcb60cc3d

Details

Source: Mitre, NVD

Published: 2024-07-30

Updated: 2024-12-09

Risk Information

CVSS v2

Base Score: 3.7

Vector: CVSS2#AV:L/AC:H/Au:M/C:C/I:N/A:N

Severity: Low

CVSS v3

Base Score: 4.1

Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Severity: Medium