← voltar
CVE-2026-31543

crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying

EPSS 0.1%
In the Linux kernel, the following vulnerability has been resolved: crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying When debug logging is enabled, read_key_from_user_keying() logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes.
Produtos afetados
Linux · Linux

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://git.kernel.org/stable/c/36f46b0e36892eba08978eef7502ff3c94ddba77https://git.kernel.org/stable/c/4897bd307ba8757c31a3325ba6730961be606016https://git.kernel.org/stable/c/ed8d91f469845d62d44c565a55d2ab1767969357