Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data set_new_password() hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking credentials.

INFO

Published Date :

2026-03-25T10:27:51.370Z

Last Modified :

2026-04-18T08:58:17.507Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23370 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23370.

URL Resource
https://git.kernel.org/stable/c/0e6115c2f2facaed9593c16ad2e5accd487f5c52 cve-icon cve-icon
https://git.kernel.org/stable/c/411ba3cd837f7825c0e648e155bc505641f95854 cve-icon cve-icon
https://git.kernel.org/stable/c/5de34126fb2edf8ab7f25d677b132e92d8bf9ede cve-icon cve-icon
https://git.kernel.org/stable/c/9bbb420f202834363e1e25435e49db0a385c2232 cve-icon cve-icon
https://git.kernel.org/stable/c/d1a196e0a6dcddd03748468a0e9e3100790fc85c cve-icon cve-icon
https://git.kernel.org/stable/c/d78e74adc5cfff7afd9d03b9da8058a7e435f9bc cve-icon cve-icon
https://git.kernel.org/stable/c/d9e785bd62d2ac23cf29a75dcfea8c8087fd3870 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026032540-CVE-2026-23370-02d2@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23370 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23370 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact