CVE-2024-42156: s390/pkey: Wipe copies of clear-key structures on failure
0.0
CVSS
Description
In the Linux kernel, the following vulnerability has been resolved:
s390/pkey: Wipe copies of clear-key structures on failure
Wipe all sensitive data from stack for all IOCTLs, which convert a
clear-key into a protected- or secure-key.
Classification
CVE ID: CVE-2024-42156
CVSS Base Severity: LOW
CVSS Base Score: 0.0
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 17.81% (scored less or equal to compared to others)
EPSS Date: 2025-02-03 (when was this score calculated)
References
https://git.kernel.org/stable/c/7f6243edd901b75aaece326c90a1cc0dcb60cc3dhttps://git.kernel.org/stable/c/d65d76a44ffe74c73298ada25b0f578680576073