CVE-2024-42229

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to the crypto: aead, cipher functionality in the Linux kernel, where variables temporarily holding cryptographic information should be zeroized once they are no longer needed, as specified by I.G 9.7.B for FIPS 140-3. This is accomplished by using kfree sensitive for buffers that previously held the private key. The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.