Lucene search
K

4 matches found

OSV
OSV
added 2026/06/29 9:16 p.m.5 views

UBUNTU-CVE-2026-13758

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

3.7CVSS5.8AI score0.00295EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/02 9:20 p.m.32 views

CVE-2026-3337 Timing Side-Channel in AES-CCM Tag Verification in AWS-LC

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVPaes128ccm, EVPaes192ccm, and EVPaes256ccm. Customers of AWS servic...

8.2CVSS0.01079EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989260)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989260 advisory. In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for...

7.8CVSS6.1AI score0.00242EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.2 views

kernel: reassembling encrypted fragments with non-consecutive packet numbers

A vulnerability was found in Linux kernel, where the WiFi implementation reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP...

5.3CVSS7.2AI score0.05622EPSS
Exploits0References4
Rows per page
Query Builder