39 matches found
PT-2026-55973
Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.9.0 through 4.10.x Description The RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses a non-constant-time memcmp function for label hash verification and contains multiple distinguishable error paths. This...
RLSA-2026:26352 Moderate: opencryptoki security update
The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...
CVE-2026-46291 crypto: caam - guard HMAC key hex dumps in hash_digest_key
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...
CVE-2026-46060 crypto: qat - fix IRQ cleanup on 6xxx probe failure
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...
CVE-2026-45900
The CVE-2026-45900 issue is in the Linux kernel crypto: caam module. During dpaa2_caam_probe, netdevs allocated for DPIO setup could leak if dpaa2_dpseci_dpio_setup() fails and the cleanup path in dpaa2_dpseci_free() did not consider previously allocated nets. The fix preserves the CPU mask of al...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: caam – fix DMA corruption on long hmac keys When a key longer than the block size is provided, it is copied and then hashed into the actual key. The memory allocated for the copy needs to be rounded to the DMA cache...
CVE-2026-43330
A flaw was found in the Linux kernel's caam cryptographic accelerator driver. When processing a Hash-based Message Authentication Code HMAC key that exceeds the block size, the driver incorrectly handles memory allocation and copying. This can lead to an overflow, where the system attempts to rea...
CVE-2026-43330 crypto: caam - fix overflow on long hmac keys
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwi...
PT-2026-38981
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An overflow occurs in the crypto caam component when a key longer than the block size is supplied. The system copies and hashes the key into the real key, but the memory allocated for th...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010879)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010879 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIGDMAAPIDEBUG is selected, while running the...
CVE-2026-23344
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferences 't' after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory...
Moderate: opencryptoki security update
The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...
Vulnerability of the qat_dh_compute_value() function in the drivers/crypto/qat/qat_common/qat_asym_algs.c module – a driver for the Linux kernel’s cryptographic accelerator, allowing a hacker to cause a service failure.
Vulnerability of the qatdhcomputevalue function in the drivers/crypto/qat/qatcommon/qatasymalgs.c module – The driver for the Linux kernel’s cryptographic accelerator is vulnerable to integer overflow or cyclic shift attacks. Exploiting this vulnerability could allow an attacker to cause a system...
CVE-2023-54325 crypto: qat - fix out-of-bounds read
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix out-of-bounds read When preparing an AER-CTR request, the driver copies the key provided by the user into a data structure that is accessible by the firmware. If the target device is QAT GEN4, the key size is...
CVE-2022-50774 crypto: qat - fix DMA transfer direction
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIGDMAAPIDEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function adddmaentry reports a warning similar to the one below, saying that...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986300)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986300 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the calle...
SUSE CVE-2025-39722
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP, which also reserves access to...
Linux Distros Unpatched Vulnerability : CVE-2025-39722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller o...
CVE-2025-39722 crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP, which also reserves access to...
Microarchitecture Design and Benchmarking of Custom SHA-3 Instruction for RISC-V
Integrating cryptographic accelerators into modern CPU architectures presents unique microarchitectural challenges, particularly when extending instruction sets with complex and multistage operations. Hardware-assisted cryptographic instructions, such as Intel's AES-NI and ARM's custom instructio...