1346 matches found
Nuvoton NPCT7xx 安全漏洞
Nuvoton NPCT7xx is a series of TPM security controllers developed by Nuvoton Corporation in Taiwan, China, aimed at trusted computing and platform security management. Nuvoton NPCT7xx has security vulnerabilities, which stem from side-channel attacks and may lead to the extraction of elliptic cur...
PT-2026-40966
A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...
libssh2: Fix of 2 CVEs
CVE-2019-13115: add bounds-checked stringbuf helpers and use them in diffiehellmansha1 to prevent out-of-bounds read on malformed KEX reply - CVE-2019-17498: harden bounds checks in SSHMSGDISCONNECT, SSHMSGDEBUG and SSHMSGGLOBALREQUEST handlers to prevent integer overflow / out-of-bounds read...
JLSEC-2026-466 Mbed TLS peer can force the FFDH shared secret into a small set of values
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...
JLSEC-2026-244 Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH...
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
JLSEC-2026-241 Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:...
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...
CVE-2026-41989
A flaw was found in Libgcrypt. A remote attacker could exploit this vulnerability by sending crafted Elliptic Curve Diffie-Hellman ECDH ciphertext to the gcrypkdecrypt function. This can lead to a heap-based buffer overflow, potentially causing a denial of service DoS condition. Mitigation...
EUVD-2026-25192
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...
CVE-2026-41989
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...
rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1
Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming keylen, unconditionally writing the full shared secret 32/56/prime-size bytes. A...
UBUNTU-CVE-2026-35332
NULL-Pointer Dereference When Handling ECDH Public Value in TLS...
PT-2026-34619
Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.9.27 through 0.10.77 Description An issue exists where Deriver::derive and PkeyCtxRef::derive set the len variable to buf.len and pass it as the in/out length to EVP PKEY derive. When using OpenSSL 1.1.x, the X25519,...
PT-2026-36652
Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description The built-in SSH server uses default configurations that advertise weak or broken key exchange, MAC, and host key algorithms. Specifically, the server supports the ecdh-sha2-nistp256,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013082)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013082 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - avoid null pointer deref in mpicmpui During NVMeTCP Authentication a controller...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011245)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011245 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - avoid null pointer deref in mpicmpui During NVMeTCP Authentication a controller...
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-007393)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007393 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007422)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007422 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - avoid null pointer deref in mpicmpui During NVMeTCP Authentication a controller...
Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext
A flaw was found in Libgcrypt. A remote attacker could exploit this vulnerability by sending crafted Elliptic Curve Diffie-Hellman ECDH ciphertext to the gcrypkdecrypt function. This can lead to a heap-based buffer overflow, potentially causing a denial of service DoS condition...
SUSE CVE-2026-34872
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...
SUSE CVE-2026-34875
An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys...