Lucene search
K

203 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Nutanix AHV : (NXSA-AHV-10.3.1.8)

The version of AHV installed on the remote host is prior to 10.3.1.8 / AHV-10.3.1.8. It is, therefore, affected by a vulnerability as referenced in the NXSA-AHV-10.3.1.8 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating...

7.8CVSS6.7AI score0.96267EPSS
Exploits230References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 1:52 p.m.3 views

Security Bulletin: Vulnerabilities in kernel library (CVE-2025-68724, CVE-2026-31431) affect Power HMC.

Summary The kernel library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-68724 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in...

7.8CVSS6.8AI score0.96267EPSS
Exploits230Affected Software1
Broadcom
Broadcom
added 2026/07/01 12:0 a.m.18 views

crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algifaead since the source and destination...

7.8CVSS6.8AI score0.96267EPSS
Exploits230
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.6 views

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-2429)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating...

8.8CVSS7.1AI score0.96267EPSS
Exploits257References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.15 views

Siemens SIMATIC S7-1500 Incorrect Resource Transfer Between Spheres (CVE-2026-31431)

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algifaead since the source and destination...

7.8CVSS6.9AI score0.96267EPSS
Exploits230References3
Ubuntu
Ubuntu
added 2026/06/17 10:27 a.m.21 views

USN-8441-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

7.8CVSS5.7AI score0.96267EPSS
Exploits230
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2026-2427)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating...

8.8CVSS7.1AI score0.96267EPSS
Exploits257References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

Ubuntu 22.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8351-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8351-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS6.2AI score0.96267EPSS
Exploits230References9
OSV
OSV
added 2026/06/04 9:23 p.m.18 views

USN-8391-1 linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.2AI score0.96267EPSS
Exploits262References14
Positive Technologies
Positive Technologies
added 2026/06/01 2:48 p.m.32 views

PT-2026-07: Local Privilege Escalation Vulnerability in the Linux Kernel (Copy Fail)

This security advisory provides information regarding a Linux kernel vulnerability, CVE-2026-31431 , informally known as Copy Fail. This vulnerability allows for local privilege escalation to the superuser root level and affects the Linux kernel module: algifaead. Vulnerability status : PT NGFW i...

8.5CVSS5.9AI score0.96267EPSS
Exploits230References1
OSV
OSV
added 2026/06/01 12:31 p.m.19 views

USN-8350-1 linux-nvidia-tegra vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS5.9AI score0.96267EPSS
Exploits230References9
Ubuntu
Ubuntu
added 2026/06/01 12:31 p.m.27 views

USN-8350-1: Linux kernel (NVIDIA Tegra) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96267EPSS
Exploits230
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.17 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : kmod update (USN-8226-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8226-2 advisory. USN-8226-1 added a mitigation to kmod to disable loading the algifaead module. This update adds the same mitigation to Ubuntu...

7.8CVSS7.3AI score0.96267EPSS
Exploits230References2
RedhatCVE
RedhatCVE
added 2026/05/27 8:14 p.m.11 views

CVE-2026-46028

A flaw was found in the Linux kernel's algifaead Authenticated Encryption with Associated Data subsystem. Asynchronous async requests for AEAD operations use a shared initialization vector IV buffer. This shared state can be modified by subsequent socket activity before an async request fully...

7CVSS5.8AI score0.00123EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/27 12:56 p.m.9 views

CVE-2026-46028

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...

5.5CVSS5.8AI score0.00123EPSS
Exploits0
OSV
OSV
added 2026/05/27 12:56 p.m.2 views

CVE-2026-46028 crypto: algif_aead - snapshot IV for async AEAD requests

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...

5.5CVSS6AI score0.00123EPSS
Exploits0References11
CVE
CVE
added 2026/05/27 12:56 p.m.30 views

CVE-2026-46028

CVE-2026-46028 — Linux kernel crypto/AF_ALG: per‑request IV storage for async AEAD . The vulnerability occurs in AF_ALG AEAD async requests that previously reused a socket‑wide IV buffer during processing, allowing later socket activity to modify the shared IV before the original request finished...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/05/27 12:56 p.m.13 views

EUVD-2026-32409

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...

5.9AI score0.00123EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Ubuntu 24.04 LTS / 25.10 : Linux kernel (Azure) vulnerabilities (USN-8310-1)

"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8310-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy...

9.8CVSS6.7AI score0.96267EPSS
Exploits230References23
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of socket-level IV buffers in asynchronous AEAD requests within algifaead. This can lead ...

5.8AI score0.00123EPSS
Exploits0References8
Rows per page
Query Builder