PT-2024-5236 · Linux+6 · Linux Kernel+6

Published

2024-05-14

·

Updated

2025-09-29

·

CVE-2024-42157

CVSS v2.0

4.9

Medium

VectorAV:L/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to the s390/pkey component of the Linux kernel, where a buffer overflow in the stack can occur, potentially allowing an attacker to disclose protected information. The vulnerability is associated with the copy to user() function, which fails to wipe sensitive data from the stack.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-10465
ALT-PU-2024-10467
ALT-PU-2024-10855
ALT-PU-2024-11524
ALT-PU-2024-12537
ALT-PU-2024-13979
ALT-PU-2024-14046
AZL-47352
AZL-47382
BDU:2024-05830
CVE-2024-42157
DLA-4008-1
DSA-5747-1
MGASA-2024-0277
MGASA-2024-0278
OESA-2024-1992
OESA-2024-1994
OESA-2024-1995
OESA-2024-1996
OESA-2024-2296
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
SUSE-SU-2024:3189-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3251-1
SUSE-SU-2024:3252-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7003-1
USN-7003-2
USN-7003-3
USN-7003-4
USN-7003-5
USN-7006-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7009-1
USN-7009-2
USN-7019-1
USN-7069-1
USN-7069-2
USN-7089-1
USN-7089-2
USN-7089-3
USN-7089-4
USN-7089-5
USN-7089-6
USN-7089-7
USN-7090-1
USN-7095-1
USN-7156-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu