CVE-2024-42155
LOW EPSS 8.6%
Published Jul 30, 20241y ago · Modified Jun 17, 20262w ago
1.9 CVSS 3.1
Published Jul 30, 2024 1y ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or secure-keys from stack, even in case of an error.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N Attack Vector Local
Attack Complexity High
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity None
Availability None
Threat Intelligence
EPSS Exploit Probability
8.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥4.11 – <6.9.9 |
References 2
- git.kernel.org https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b
- git.kernel.org https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207
Remediation
- git.kernel.org https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b
- git.kernel.org https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207