CVE-2022-50063 net: dsa: felix: suppress non-changes to the tagging protocol

In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way in which dsatreechangetagproto works is that when dsatreenotify fails, it doesn't know whether the operation failed mid way in a multi-switch tree, or it faile...

CVE-2025-37864 net: dsa: clean up FDB, MDB, VLAN entries on unbind

In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entries on unbind As explained in many places such as commit b117e1e8a86d "net: dsa: delete dsalegacyfdbadd and dsalegacyfdbdel", DSA is written given the assumption that higher layers have...

CVE-2022-49195 net: dsa: fix panic on shutdown if multi-chip tree failed to probe

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic on shutdown if multi-chip tree failed to probe DSA probing is atypical because a tree of devices must probe all at once, so out of N switches which call dsatreesetuproutingtable during probe, for N - 1 of them...

CVE-2022-48818

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree will...

PT-2024-24129 · Open Quantum Safe · Liboqs

Name of the Vulnerable Software and Affected Versions: Open Quantum Safe liboqs version 10.0 Description: An issue in Open Quantum Safe liboqs allows a remote attacker to escalate privileges via the crypto sign signature parameter in the /pqcrystals-dilithium-standard ml-dsa-44-ipd avx2/sign.c...

Intel DSA Security Vulnerability

Intel DSA is a driver update tool. It can detect user drivers, update the installed drivers to the latest version, support intel series of graphics cards, audio, network cards and chipset drivers, i card users must. Intel DSA version 23.4.33 before the existence of security vulnerabilities, the...

PT-2018-4632 · Atlassian +3 · Jira +4

Name of the Vulnerable Software and Affected Versions: Bouncy Castle JCE Provider versions 1.55 and earlier Description: The issue concerns the DSA in the Bouncy Castle JCE Provider, which does not fully validate ASN.1 encoding of a signature during verification. This allows for the injection of...

CVE-2016-4407

The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka SAP Security Note 2223008...

MGASA-2013-0289 Updated perl-Crypt-DSA package fixes security vulnerability

The Crypt::DSA aka Crypt-DSA module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack CVE-2011-3599. This update removes t...