AZL-70028 CVE-2025-40176 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tlsstrpmsghold fails Async decryption calls tlsstrpmsghold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...

CVE-2025-40176

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tlsstrpmsghold fails Async decryption calls tlsstrpmsghold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...

UBUNTU-CVE-2025-40176

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tlsstrpmsghold fails Async decryption calls tlsstrpmsghold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...

CVE-2025-40176 tls: wait for pending async decryptions if tls_strp_msg_hold fails

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tlsstrpmsghold fails Async decryption calls tlsstrpmsghold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not waiting for asynchronous decryption to complete after a tlsstrpmsghold failure, which could lead to a UA...

smb: client: fix UAF in decryption with multichannel

...

MAL-2025-191702 Malicious code in chromifypro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4138883ad2e38b4a8a4353918126f4732db5f04107be0bddafc745ec97120b52 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...

Underflow in aes_key_unwrap function

The aeskeyunwrap function would panic if passed a ciphertext that was too short. In a debug build, it would panic due to a subtraction underflow. In a release build, it would use the small negative quantity to allocate a vector. Since the allocator expects an unsigned quantity, the negative value...

CVE-2025-27070

Memory corruption while performing encryption and decryption commands...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990334 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: force a dst refcount before doing decryption As it says in commit 3bc07321ccc2 xfrm: Force ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990044)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990044 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: force a dst refcount before doing decryption As it says in commit 3bc07321ccc2 xfrm: Force ...

CVE-2025-27070

Memory corruption while performing encryption and decryption commands...

CVE-2025-27070 Out-of-bounds Write in Windows Compute

Memory corruption while performing encryption and decryption commands...

CVE-2025-27070 Out-of-bounds Write in Windows Compute

Memory corruption while performing encryption and decryption commands...

CVE-2025-27070

CVE-2025-27070 is listed under Qualcomm closed-source components as a High-severity issue involving memory corruption during encryption and decryption commands. The available documents identify the vulnerability and its association with Qualcomm closed-source components, but do not provide a spec...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when executing encryption and decryption commands...

PT-2025-44922

Name of the Vulnerable Software and Affected Versions Windows Compute affected versions not specified Description A memory corruption issue exists when performing encryption and decryption commands. This can lead to an out-of-bounds write condition. Recommendations At the moment, there is no...

TencentOS Server 4: edk2 (TSSA-2025:0850)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0850 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

kernel: tls: separate no-async decryption request handling from async

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an xarray. However, the state might have been freed by the time of this...