In the Linux kernel, the following vulnerability has been resolved:
platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
set_new_password() hex dumps the entire buffer, which contains plaintext
password data, including current and new passwords. Remove the hex dump
to avoid leaking credentials.
| Score | Percentile |
|---|---|
| 0.12% | 2.60% |
| Base score | Version | Severity | Vector |
|---|---|---|---|
| 5.5 | 3.1 | — |
|
| Type | Value |
|---|---|
| GHSA | GHSA-qvvw-8673-33g5 ↗ |
| CVE | CVE-2026-23370 ↗ |