Base Score

MEDIUM4.1

CVE-2024-42156

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key.

VectorLOCAL

Published By416baaa9-dc9f-4396-8d5f-8c081fb06d67

Published DateJul 30, 2024, 08:15

Weakness Type (CWE):NVD-CWE-Other

CVSS Metrics

Base Score

4.1

Vector String

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

HIGH

Privileges Required (PR)

HIGH

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

NONE

Availability (A)

NONE

References

Base Score

MEDIUM4.1

Weakness Type (CWE):NVD-CWE-Other

CVSS Metrics

Base Score

4.1

Vector String

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

HIGH

Privileges Required (PR)

HIGH

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

NONE

Availability (A)

NONE