Linux 6.9 이후 LUKS 서스펜드가 암호화 키를 메모리에서 지우지 않는 버그
Since Linux 6.9, LUKS suspend stopped wiping disk-encryption keys from memory

I discovered that since Linux 6.9, the LUKS suspend mechanism silently failed to wipe disk encryption keys from memory, leaving data vulnerable to cold boot attacks for over two years. This critical flaw stemmed from a kernel refactoring that unexpectedly broke the security feature. I developed a one-line patch to fix the issue and created an experimental solution for NixOS to securely suspend laptops by properly clearing these keys.
"수년 동안 신뢰해 온 보안 메커니즘이 사실은 전혀 작동하지 않았다는 사실을 알게 된 것은 정말 불안한 경험이다."