CVE-2026-23370

MEDIUM EPSS 2.4%
Published Mar 25, 20263mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Mar 25, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data set_new_password() hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking credentials.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 14

VendorProductVersionRange
linuxlinux_kernel*≥5.11.1  –  <5.15.203
linuxlinux_kernel*≥5.16  –  <6.1.167
linuxlinux_kernel*≥6.2  –  <6.6.130
linuxlinux_kernel*≥6.7  –  <6.12.77
linuxlinux_kernel*≥6.13  –  <6.18.17
linuxlinux_kernel*≥6.19  –  <6.19.7
linuxlinux_kernel5.11any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/0e6115c2f2facaed9593c16ad2e5accd487f5c52
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/411ba3cd837f7825c0e648e155bc505641f95854
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5de34126fb2edf8ab7f25d677b132e92d8bf9ede
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9bbb420f202834363e1e25435e49db0a385c2232
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d1a196e0a6dcddd03748468a0e9e3100790fc85c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d78e74adc5cfff7afd9d03b9da8058a7e435f9bc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d9e785bd62d2ac23cf29a75dcfea8c8087fd3870
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0e6115c2f2facaed9593c16ad2e5accd487f5c52
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/411ba3cd837f7825c0e648e155bc505641f95854
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5de34126fb2edf8ab7f25d677b132e92d8bf9ede
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9bbb420f202834363e1e25435e49db0a385c2232
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d1a196e0a6dcddd03748468a0e9e3100790fc85c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d78e74adc5cfff7afd9d03b9da8058a7e435f9bc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d9e785bd62d2ac23cf29a75dcfea8c8087fd3870
    Patch