← volver
CVE-2026-31543

crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying

EPSS 0.1%
In the Linux kernel, the following vulnerability has been resolved: crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying When debug logging is enabled, read_key_from_user_keying() logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes.
Productos afectados
Linux · Linux

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://git.kernel.org/stable/c/36f46b0e36892eba08978eef7502ff3c94ddba77https://git.kernel.org/stable/c/4897bd307ba8757c31a3325ba6730961be606016https://git.kernel.org/stable/c/ed8d91f469845d62d44c565a55d2ab1767969357