CVE-2024-42157 in Linuxinfo

Summary

by MITRE • 07/30/2024

In the Linux kernel, the following vulnerability has been resolved:

s390/pkey: Wipe sensitive data on failure

Wipe sensitive data from stack also if the copy_to_user() fails.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 07/19/2025

The vulnerability identified as CVE-2024-42157 resides within the Linux kernel's s390 architecture implementation, specifically addressing a critical security flaw in the permission key handling mechanism. This issue affects systems running on IBM System/390 (s390) hardware platforms where the kernel manages memory protection keys. The vulnerability stems from inadequate handling of sensitive data exposure during memory copy operations, creating potential attack vectors for malicious actors seeking to exploit information leakage mechanisms.

The technical flaw manifests in the kernel's s390 architecture implementation where sensitive data stored in stack memory remains exposed when copy_to_user() operations fail. This function serves as a critical interface between kernel space and user space, responsible for transferring data from kernel memory to user memory regions. When the copy_to_user() function encounters a failure condition, the kernel should ensure complete sanitization of any sensitive data that might have been temporarily stored in kernel stack buffers. However, the implementation fails to properly wipe this sensitive information, leaving potential data remnants that could be accessed by unauthorized processes or malicious code exploiting the system.

The operational impact of this vulnerability extends significantly across systems utilizing s390 architecture, particularly those running Linux kernels with permission key management capabilities. Attackers could potentially leverage this flaw to extract sensitive cryptographic keys, authentication tokens, or other confidential information that might be temporarily stored in kernel stack memory during failed memory operations. The vulnerability creates a data exposure risk that aligns with CWE-242, which addresses the weakness of using potentially insecure functions that may leave sensitive data in memory. Systems processing sensitive information, including financial transactions, cryptographic operations, or enterprise authentication systems, face heightened risk from this flaw.

This vulnerability demonstrates a clear violation of the principle of least privilege and proper memory management, where sensitive data should never remain accessible after its intended use. The failure to wipe stack memory upon operation failure represents a critical gap in the kernel's security architecture and aligns with ATT&CK technique T1552.1, which covers credentials in files and T1005, which addresses data from local system. The fix implemented addresses this by ensuring that sensitive data is properly sanitized from stack memory regardless of whether copy_to_user() operations succeed or fail, thereby preventing potential information leakage that could compromise system security.

The resolution of CVE-2024-42157 involves implementing proper memory wiping mechanisms that guarantee sensitive data removal from stack buffers even when memory copy operations encounter failures. This approach directly addresses the fundamental security principle that sensitive information should never persist in memory beyond its required usage period. The fix ensures that all temporary storage areas containing sensitive data are properly cleared before function return, regardless of execution path taken by the kernel code. This remediation strengthens the overall security posture of s390-based systems by eliminating potential attack vectors that could exploit information leakage through memory remnants, thereby protecting against credential theft, cryptographic key exposure, and other sensitive data compromise scenarios.

Responsible

Linux

Reservation

07/29/2024

Disclosure

07/30/2024

Moderation

accepted

CPE

ready

EPSS

0.00220

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!