CVE-2024-42229
CVSS v3.1
4.1 (Medium)
EPSS
0.04 % (11th)
Affected Products
1
Advisories
8
NVD Status
Analyzed
In the Linux kernel, the following vulnerability has been resolved:
crypto: aead,cipher - zeroize key buffer after use
I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding
cryptographic information should be zeroized once they are no longer
needed. Accomplish this by using kfree_sensitive for buffers that
previously held the private key.
Weaknesses
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- kernel.org
- Published Date
-
2024-07-30 08:15:08
(7 weeks ago) - Updated Date
-
2024-07-30 19:46:56
(7 weeks ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...