Back to search
CVE-2024-42229
Published: Jul 30, 2024
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using kfree_sensitive for buffers that previously held the private key.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 06817176784f620984200dc5d7cbe16984f7b262 - < 89b9b6fa4463daf820e6a5ef65c3b0c2db239513affected 06817176784f620984200dc5d7cbe16984f7b262 - < b716e9c3603ee95ed45e938fe47227d22cf3ec35affected 06817176784f620984200dc5d7cbe16984f7b262 - < 9db8c299a521813630fcb4154298cb60c37f3133affected 06817176784f620984200dc5d7cbe16984f7b262 - < 71dd428615375e36523f4d4f7685ddd54113646daffected 06817176784f620984200dc5d7cbe16984f7b262 - < 28c8d274848feba552e95c5c2a7e3cfe8f15c534+3 more versions |
Linux | Linux | affected 2.6.23unaffected 0 - < 2.6.23unaffected 4.19.323 - <= 4.19.*unaffected 5.4.285 - <= 5.4.*unaffected 5.10.222 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now