104 matches found
SUSE CVE-2026-52972
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...
Linux Distros Unpatched Vulnerability : CVE-2026-52972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to...
CVE-2026-52972 crypto: af_alg - Cap AEAD AD length to 0x80000000
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...
CVE-2026-52972
CVE-2026-52972 affects the Linux kernel crypto/af_alg component, causing an arithmetic overflow when handling associated data lengths during the TX buffer size check. The root cause is the potential overflow if AD length is not capped; the fix caps the AD length to 0x80000000. Multiple OS vendors...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Corrected incorrect boolean values in afalgctx. The commit 1b34cbbf4f01 „crypto: afalg – Disallowed concurrent writes in afalgsendmsg“ changed some fields from bool to 1-bit u32 fields. However, some assignments t...
RHEL 9 : kernel (RHSA-2026:19225)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19225 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Servi...
SUSE CVE-2026-43078
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078
A flaw was found in the Linux kernel. Specifically, within the crypto: afalg component, a page reassignment overflow could occur in the afalgpulltsgl function. This vulnerability arises because the original loop was not updated, potentially allowing it to reassign one more page than necessary. Th...
EUVD-2026-27567
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078 crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
Oracle Linux 8 : kernel (ELSA-2026-13577)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13577 advisory. - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Herbert Xu RHEL-172187 CVE-2026-31431 - crypto: authencesn - rejec...
CLSA-2026-1777641037 kernel-uek: Fix of CVE-2026-31431
crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...
Exploit for CVE-2026-31431
Copy-Fail---CVE-2026-31431 CVE-2026-31431 "Copy Fail" - Analys...
Unbreakable Enterprise kernel security update: Copy Fail
6.12.0-201.74.2.2 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292190 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292190 - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Herbert Xu...
About Elevation of Privilege - Linux Kernel "Copy Fail" (CVE-2026-31431) vulnerability
About Elevation of Privilege - Linux Kernel "Copy Fail" CVE-2026-31431 vulnerability. A local privilege escalation vulnerability in the Linux kernel AFALG component, which is caused by a memory handling flaw, allows an unprivileged user to escalate privileges to root. By exploiting this...
Linux Distros Unpatched Vulnerability : CVE-2026-31677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: afalg - limit RX SG extraction by receive buffer budget Make afalggetrsgl limit each RX scatterlist extraction to the remaining receive buffer budget...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007617 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg...
SUSE SLES15 / openSUSE 15 : Security update for the Linux Kernel (SUSE-SU-2026:1041-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1041-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs...