Linux 6.9 bug leaves disk-encryption keys in memory during LUKS suspend
A security flaw introduced in Linux kernel version 6.9 causes LUKS suspend to stop wiping disk-encryption keys from system memory. This means that when a system is suspended, sensitive cryptographic keys remain exposed in RAM rather than being securely cleared. The issue poses a potential risk to users relying on LUKS full-disk encryption for data protection during suspend states. The vulnerability was flagged by a security researcher and discussed on Hacker News, drawing attention from the Linux community. Users on affected kernel versions may be at risk until a fix is issued.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.