Medium severity5.5NVD Advisory· Published Mar 25, 2026· Updated Apr 24, 2026
CVE-2026-23370
CVE-2026-23370
Description
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
set_new_password() hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=5.11.1,<5.15.203
- cpe:2.3:o:linux:linux_kernel:5.11:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
7- git.kernel.org/stable/c/0e6115c2f2facaed9593c16ad2e5accd487f5c52nvdPatch
- git.kernel.org/stable/c/411ba3cd837f7825c0e648e155bc505641f95854nvdPatch
- git.kernel.org/stable/c/5de34126fb2edf8ab7f25d677b132e92d8bf9edenvdPatch
- git.kernel.org/stable/c/9bbb420f202834363e1e25435e49db0a385c2232nvdPatch
- git.kernel.org/stable/c/d1a196e0a6dcddd03748468a0e9e3100790fc85cnvdPatch
- git.kernel.org/stable/c/d78e74adc5cfff7afd9d03b9da8058a7e435f9bcnvdPatch
- git.kernel.org/stable/c/d9e785bd62d2ac23cf29a75dcfea8c8087fd3870nvdPatch
News mentions
0No linked articles in our index yet.