Linux Kernel HMAC Key Dump Guard Vulnerability in CAAM Crypto Driver

Vulnerability

A vulnerability in the Linux kernel's CAAM crypto driver has been addressed. The issue involved improper handling of HMAC key hex dumps, which could lead to unintentional leakage of sensitive key information at runtime, especially when dynamic debugging was enabled. The vulnerability affected the hash_digest_key function, where the HMAC key bytes were dumped in a way that could expose secrets. This issue has been resolved by modifying the key dumping method to a more secure approach.

Impact

The vulnerability could have allowed for the unintentional leakage of sensitive HMAC key information, potentially exposing cryptographic secrets during runtime.

Reproduction

The vulnerability could be reproduced by enabling CONFIG_DYNAMIC_DEBUG in the Linux kernel, which allows for dynamic debugging. Once this configuration is active, the CAAM crypto driver can be used in a way that triggers the hash_digest_key function, causing the HMAC key bytes to be dumped in an insecure manner that leaks sensitive information.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version can be found in the Linux kernel documentation.
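The condition described under Reproduction can be checked from the defender's side. The following is an added example, not code from the kernel or from this advisory: it parses kernel config text and the dynamic debug `control` listing and reports call sites in hash_digest_key whose debug output is currently switched on. The sample file path, module name, line numbers and format strings are constructed placeholders.

```python
import re

# Layout of each line in <debugfs>/dynamic_debug/control:
#   filename:lineno [module]function flags format
SITE = re.compile(r'^(?P<file>\S+):(?P<line>\d+) \[(?P<module>[^\]]+)\]'
                  r'(?P<func>\S+) =(?P<flags>\S+) (?P<fmt>.*)$')


def dynamic_debug_built_in(kconfig_text):
    """True if the kernel config text sets CONFIG_DYNAMIC_DEBUG=y."""
    return any(line.strip() == "CONFIG_DYNAMIC_DEBUG=y"
               for line in kconfig_text.splitlines())


def enabled_sites(control_text, function="hash_digest_key"):
    """Return (file, line, flags) for call sites in `function` whose
    flags include 'p', i.e. the debug output is currently switched on."""
    hits = []
    for raw in control_text.splitlines():
        m = SITE.match(raw)
        if m and m["func"] == function and "p" in m["flags"]:
            hits.append((m["file"], int(m["line"]), m["flags"]))
    return hits


# Constructed sample input: paths, module name, line numbers and format
# strings are placeholders, not values from the real driver.
SAMPLE_CONFIG = "CONFIG_CRYPTO=y\nCONFIG_DYNAMIC_DEBUG=y\n"
SAMPLE_CONTROL = """\
# filename:lineno [module]function flags format
path/to/caam_driver.c:101 [caam_example]hash_digest_key =p "key dump: "
path/to/caam_driver.c:140 [caam_example]hash_digest_key =_ "digest: "
path/to/caam_driver.c:300 [caam_example]other_function =pmf "state: "
"""

if __name__ == "__main__":
    print("dynamic debug built in:", dynamic_debug_built_in(SAMPLE_CONFIG))
    for path, lineno, flags in enabled_sites(SAMPLE_CONTROL):
        print(f"debug output ON at {path}:{lineno} (flags={flags})")
```

On a live system the same text comes from the `control` file under `dynamic_debug` in debugfs; writing `func hash_digest_key -p` to that file switches those call sites off until the kernel is upgraded.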

Added: Jun 8, 2026, 5:53 PM
Updated: Jun 8, 2026, 5:53 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 9.4
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.