CVE-2024-42158

CVSS 3.1 Score 4.1 of 10 (medium)

Details

Published Jul 30, 2024
Updated: Aug 2, 2024
CWE ID 669

Summary

CVE-2024-42158 is a vulnerability affecting the Linux kernel. This issue involves the use of memzero_explicit() and kfree() functions in the s390/pkey module, which have been identified as potential security concerns by the Coccinelle static analyzer. To address these warnings, the affected functions have been replaced with kfree_sensitive(), ensuring that memory is properly freed and reducing the risk of potential memory-related vulnerabilities.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share