In the Linux kernel, the following vulnerability has been resolved:
crypto: aead,cipher - zeroize key buffer after use
I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using kfree_sensitive for buffers that previously held the private key.
[
{
"digest": {
"function_hash": "255693564767421346824600040002945205078",
"length": 536.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f58679996a831754a356974376f248aa0af2eb8e",
"id": "CVE-2024-42229-00b296ca"
},
{
"digest": {
"function_hash": "132687300331086974148127613614498919796",
"length": 499.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@23e4099bdc3c8381992f9eb975c79196d6755210",
"id": "CVE-2024-42229-01cb20d9"
},
{
"digest": {
"function_hash": "132687300331086974148127613614498919796",
"length": 499.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b502d4a08875ea2b4ea5d5b28dc7c991c8b90cfb",
"id": "CVE-2024-42229-0505b966"
},
{
"digest": {
"function_hash": "132687300331086974148127613614498919796",
"length": 499.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89b9b6fa4463daf820e6a5ef65c3b0c2db239513",
"id": "CVE-2024-42229-094f31fb"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80781894654848049985627597827610003813",
"79574841287480593958526756831500173686",
"331999801211651682647690546715145877452",
"30471193456289467308697379102767652165",
"234245372765450806626990693471329480426"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@23e4099bdc3c8381992f9eb975c79196d6755210",
"id": "CVE-2024-42229-0d4f06c4"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"319331931477750623399848910848724607759",
"233808878200604096475401713548370711763",
"335848782564549342288653870152747960315",
"30471193456289467308697379102767652165",
"240288526527135394379019708476789031242"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b502d4a08875ea2b4ea5d5b28dc7c991c8b90cfb",
"id": "CVE-2024-42229-11921685"
},
{
"digest": {
"function_hash": "255693564767421346824600040002945205078",
"length": 536.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9db8c299a521813630fcb4154298cb60c37f3133",
"id": "CVE-2024-42229-133f63c9"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"319331931477750623399848910848724607759",
"233808878200604096475401713548370711763",
"335848782564549342288653870152747960315",
"30471193456289467308697379102767652165",
"240288526527135394379019708476789031242"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f58679996a831754a356974376f248aa0af2eb8e",
"id": "CVE-2024-42229-157a4301"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"136688753422443317271013980417715657839",
"72708525920222637697402862840472357316",
"297534102051595397191511711600370062677",
"30471193456289467308697379102767652165",
"77723139581487754924018963406592560688"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b716e9c3603ee95ed45e938fe47227d22cf3ec35",
"id": "CVE-2024-42229-1fa27736"
},
{
"digest": {
"function_hash": "132687300331086974148127613614498919796",
"length": 499.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f58679996a831754a356974376f248aa0af2eb8e",
"id": "CVE-2024-42229-2f417303"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80781894654848049985627597827610003813",
"79574841287480593958526756831500173686",
"331999801211651682647690546715145877452",
"30471193456289467308697379102767652165",
"234245372765450806626990693471329480426"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f58679996a831754a356974376f248aa0af2eb8e",
"id": "CVE-2024-42229-3e18e09e"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"319331931477750623399848910848724607759",
"233808878200604096475401713548370711763",
"335848782564549342288653870152747960315",
"30471193456289467308697379102767652165",
"240288526527135394379019708476789031242"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9db8c299a521813630fcb4154298cb60c37f3133",
"id": "CVE-2024-42229-52477864"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80781894654848049985627597827610003813",
"79574841287480593958526756831500173686",
"331999801211651682647690546715145877452",
"30471193456289467308697379102767652165",
"234245372765450806626990693471329480426"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9db8c299a521813630fcb4154298cb60c37f3133",
"id": "CVE-2024-42229-5a44a4c6"
},
{
"digest": {
"function_hash": "132687300331086974148127613614498919796",
"length": 499.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9db8c299a521813630fcb4154298cb60c37f3133",
"id": "CVE-2024-42229-64177890"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80781894654848049985627597827610003813",
"79574841287480593958526756831500173686",
"331999801211651682647690546715145877452",
"30471193456289467308697379102767652165",
"234245372765450806626990693471329480426"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b502d4a08875ea2b4ea5d5b28dc7c991c8b90cfb",
"id": "CVE-2024-42229-6aa8ea56"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"319331931477750623399848910848724607759",
"233808878200604096475401713548370711763",
"335848782564549342288653870152747960315",
"30471193456289467308697379102767652165",
"240288526527135394379019708476789031242"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@28c8d274848feba552e95c5c2a7e3cfe8f15c534",
"id": "CVE-2024-42229-748f3c15"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80781894654848049985627597827610003813",
"79574841287480593958526756831500173686",
"331999801211651682647690546715145877452",
"30471193456289467308697379102767652165",
"234245372765450806626990693471329480426"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@28c8d274848feba552e95c5c2a7e3cfe8f15c534",
"id": "CVE-2024-42229-87fe6638"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"319331931477750623399848910848724607759",
"233808878200604096475401713548370711763",
"335848782564549342288653870152747960315",
"30471193456289467308697379102767652165",
"240288526527135394379019708476789031242"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@23e4099bdc3c8381992f9eb975c79196d6755210",
"id": "CVE-2024-42229-96cdb778"
},
{
"digest": {
"function_hash": "255693564767421346824600040002945205078",
"length": 536.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@28c8d274848feba552e95c5c2a7e3cfe8f15c534",
"id": "CVE-2024-42229-9806f94f"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"319331931477750623399848910848724607759",
"233808878200604096475401713548370711763",
"335848782564549342288653870152747960315",
"30471193456289467308697379102767652165",
"240288526527135394379019708476789031242"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@71dd428615375e36523f4d4f7685ddd54113646d",
"id": "CVE-2024-42229-a3f5ae06"
},
{
"digest": {
"function_hash": "165438699555362952010812525227384323894",
"length": 539.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b716e9c3603ee95ed45e938fe47227d22cf3ec35",
"id": "CVE-2024-42229-b2e483c4"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80781894654848049985627597827610003813",
"79574841287480593958526756831500173686",
"331999801211651682647690546715145877452",
"30471193456289467308697379102767652165",
"234245372765450806626990693471329480426"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89b9b6fa4463daf820e6a5ef65c3b0c2db239513",
"id": "CVE-2024-42229-bc228559"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80781894654848049985627597827610003813",
"79574841287480593958526756831500173686",
"331999801211651682647690546715145877452",
"30471193456289467308697379102767652165",
"234245372765450806626990693471329480426"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@71dd428615375e36523f4d4f7685ddd54113646d",
"id": "CVE-2024-42229-bd30adb6"
},
{
"digest": {
"function_hash": "132687300331086974148127613614498919796",
"length": 499.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@28c8d274848feba552e95c5c2a7e3cfe8f15c534",
"id": "CVE-2024-42229-c28d34ef"
},
{
"digest": {
"function_hash": "255693564767421346824600040002945205078",
"length": 536.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b502d4a08875ea2b4ea5d5b28dc7c991c8b90cfb",
"id": "CVE-2024-42229-c6a434db"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"136688753422443317271013980417715657839",
"72708525920222637697402862840472357316",
"297534102051595397191511711600370062677",
"30471193456289467308697379102767652165",
"77723139581487754924018963406592560688"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89b9b6fa4463daf820e6a5ef65c3b0c2db239513",
"id": "CVE-2024-42229-ccd316d5"
},
{
"digest": {
"function_hash": "255693564767421346824600040002945205078",
"length": 536.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@23e4099bdc3c8381992f9eb975c79196d6755210",
"id": "CVE-2024-42229-cfee1641"
},
{
"digest": {
"function_hash": "132687300331086974148127613614498919796",
"length": 499.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b716e9c3603ee95ed45e938fe47227d22cf3ec35",
"id": "CVE-2024-42229-d7456c96"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80781894654848049985627597827610003813",
"79574841287480593958526756831500173686",
"331999801211651682647690546715145877452",
"30471193456289467308697379102767652165",
"234245372765450806626990693471329480426"
]
},
"signature_type": "Line",
"target": {
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b716e9c3603ee95ed45e938fe47227d22cf3ec35",
"id": "CVE-2024-42229-e13058f2"
},
{
"digest": {
"function_hash": "132687300331086974148127613614498919796",
"length": 499.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/aead.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@71dd428615375e36523f4d4f7685ddd54113646d",
"id": "CVE-2024-42229-e2273b60"
},
{
"digest": {
"function_hash": "165438699555362952010812525227384323894",
"length": 539.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89b9b6fa4463daf820e6a5ef65c3b0c2db239513",
"id": "CVE-2024-42229-f43b2f2b"
},
{
"digest": {
"function_hash": "255693564767421346824600040002945205078",
"length": 536.0
},
"signature_type": "Function",
"target": {
"function": "setkey_unaligned",
"file": "crypto/cipher.c"
},
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@71dd428615375e36523f4d4f7685ddd54113646d",
"id": "CVE-2024-42229-f43c1f5c"
}
]