CVE-2024-42155

LOW EPSS 8.6%
Published Jul 30, 20241y ago · Modified Jun 17, 20262w ago
1.9 CVSS 3.1
Low
Find Similar
Published Jul 30, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or secure-keys from stack, even in case of an error.

CVSS Details

Base Score
1.9
Exploitability
0.5
Impact
1.4
Vector string
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector Local
Attack Complexity High
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
8.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 1

VendorProductVersionRange
linuxlinux_kernel*≥4.11  –  <6.9.9

References 2

  • git.kernel.org https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207
    Patch