Описание
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
set_new_password() hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking credentials.
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
set_new_password() hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking credentials.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2026-23370
- https://git.kernel.org/stable/c/0e6115c2f2facaed9593c16ad2e5accd487f5c52
- https://git.kernel.org/stable/c/411ba3cd837f7825c0e648e155bc505641f95854
- https://git.kernel.org/stable/c/5de34126fb2edf8ab7f25d677b132e92d8bf9ede
- https://git.kernel.org/stable/c/d1a196e0a6dcddd03748468a0e9e3100790fc85c
- https://git.kernel.org/stable/c/d78e74adc5cfff7afd9d03b9da8058a7e435f9bc
- https://git.kernel.org/stable/c/d9e785bd62d2ac23cf29a75dcfea8c8087fd3870
EPSS
Процентиль: 7%
0.00024
Низкий
CVE ID
Связанные уязвимости
EPSS
Процентиль: 7%
0.00024
Низкий