CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-43815

In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory through the payload field when running AES with a key from one of the hardware's key slots. Fix this by ensuring the payload field is set to 0 in such cases. This does not affect the common use case when the key is supplied from main memory via the descriptor payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.8%

CVSS Severity

CVSS v3 Score 7.1

References

https://git.kernel.org/stable/c/dd52b5eeb0f70893f762da7254e923fd23fd1379
https://git.kernel.org/stable/c/e1640fed0377bf7276efb70d03cb821a6931063d

Products affected by CVE-2024-43815

Linux » Linux Kernel » Version: 6.10

cpe:2.3:o:linux:linux_kernel:6.10
Linux » Linux Kernel » Version: 6.10.0

cpe:2.3:o:linux:linux_kernel:6.10.0
Linux » Linux Kernel » Version: 6.10.1

cpe:2.3:o:linux:linux_kernel:6.10.1
Linux » Linux Kernel » Version: 6.10.2

cpe:2.3:o:linux:linux_kernel:6.10.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-43815

Products

Pricing

Contact Us