A security regression was identified in Linux kernel 6.9 where LUKS encryption keys were found to remain resident in memory after system suspend operations, potentially exposing sensitive data. This issue highlights critical vulnerabilities in how the kernel handles cryptographic material during power state transitions, prompting urgent attention from the security community.
Background
The Linux kernel 6.9 introduced various changes to memory management and suspend/resume handling, which inadvertently affected how LUKS keys are cleared from RAM. Secure suspend mechanisms are crucial for maintaining data confidentiality on encrypted drives when devices enter low-power states.
- Source
- Lobsters
- Published
- Jul 3, 2026 at 02:45 AM
- Score
- 7.0 / 10