Astra Linux - уязвимость в openssl

Issue Summary: Generating excessively long X9.42 DH keys or checking overly long X9.42 DH keys or parameters can be very slow. Applications that use functions like DHgeneratekey to generate an X9.42 DH key may experience prolonged delays. Similarly, applications that use DHcheckpubkey,...

CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

UBUNTU-CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

Astra Linux - уязвимость в openssl

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

AZL-39961 CVE-2023-6237 affecting package nodejs for versions less than 20.14.0-1

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

openssl: Excessive time spent checking DH keys and parameters

A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

OpenSSL: Excessive time spent checking DH q parameter value

A vulnerability was found in OpenSSL. This security issue occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

PT-2023-4554

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 3.0 OpenSSL versions prior to 3.1 Description The issue is related to the functions DH check, DH check ex, and EVP PKEY param check in the OpenSSL library. These functions can cause excessive delays when checking...

AZL-42955 CVE-2023-3446 affecting package openssl for versions less than 1.1.1k-28

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

DEBIAN-CVE-2021-3711

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...