96 matches found
kernel security update
6.12.0-124.28.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
MiracleLinux 4 : nss-util-3.14.3-3.AXS4, nss-softokn-3.14.3-3.AXS4, nspr-4.9.5-2.AXS4, nss-3.14.3-4.0.1.AXS4 (AXSA:2013-618:04)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-618:04 advisory. nss: Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server...
MiracleLinux 7 : nss-softokn-3.90.0-6.0.1.el7.AXS7 (AXSA:2025-9721:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9721:01 advisory. Network Security Services Softoken Cryptographic Module Security fixes: - CVE-2023-5388: fix timing attack against RSA decryption - Bug 1784253: avoid...
openssl security update
3.5.1-4.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 3.5.1.openela.0.1 - Add OpenELA specific changes 1:3.5.1-4 - Fix CVE-2025-9230 Resolves: RHEL-115929...
EUVD-2006-4014
Malware in sbrugna...
Oracle Linux 10 : kernel (ELSA-2025-15662)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-15662 advisory. 6.12.0-55.32.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 -...
DEBIAN-CVE-2025-39722
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP, which also reserves access to...
VTun-ng 安全漏洞
vtun-ng is an application by Jan-Espen Oversand Individual Developer. A security vulnerability exists in VTun-ng 3.0.17 and earlier versions, which stems from a failure in the initialization of the cryptographic module that could lead to a plaintext transfer...
Oracle Linux 10 : kernel (ELSA-2025-8374)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8374 advisory. 6.12.0-55.19.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...
Oracle Linux 10 : kernel (ELSA-2025-8669)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8669 advisory. 6.12.0-55.19.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...
CVE-2022-49566 crypto: qat - fix memory leak in RSA
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix memory leak in RSA When an RSA key represented in form 2 as defined in PKCS 1 V2.1 is used, some components of the private key persist even after the TFM is released. Replace the explicit calls to free the buffe...
CVE-2024-45615
A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...
AZL-48832 CVE-2024-45615 affecting package opensc 0.23.0-5
A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...
UBUNTU-CVE-2024-45616
A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...
CVE-2023-39908
The PKCS11 module of the YubiHSM 2 SDK through 2023.01 does not properly validate the length of specific read operations on object metadata. This may lead to disclosure of uninitialized and previously used memory...
Red Hat OpenShift Container Platform 安全漏洞
Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that enable organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A security vulnerability exists in Red Hat OpenShift...
SUSE CVE-2006-0898
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...
SUSE CVE-2020-10769
A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read...
The vulnerability of the cryptographic module of microprogramming software for Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows a perpetrator to trigger a service failure.
The vulnerability of the cryptographic module of microprogramming software for Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD is related to errors in encryption and decryption processes. Exploiting this vulnerability can allow a malicious actor to cause service...
kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned.
A buffer over-read flaw was found in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash...