RHCOS 2 : node.js (RHSA-2015:1546)

The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1546 advisory. - SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack CVE-2014-3566 Note that Nessus has not tested for this issue but has instead...

Astra Linux - уязвимость в opensc

A vulnerability was discovered in OpenSC, where the removal of PKCS1 encryption padding is not implemented in a way that ensures side-channel resistance. This issue may lead to the potential leakage of private data...

Astra Linux - уязвимость в ceph

A key length flaw was discovered in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed during the encryption algorithm process, resulting in the creation of a non-random key. Such a key is weaker and can be exploited to compromise the confidentiality...

Astra Linux - уязвимость в jose

latchset jose through version 11 allows attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value...

Astra Linux - уязвимость в linux, linux-5.10

“Specifically timed and handcrafted traffic can cause internal errors in a WLAN device, leading to improper Layer 2 Wi-Fi encryption. This may result in information disclosure over the air for a specific set of traffic.” In Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed an oops during encryption When running xfstests against Azure, the following oops occurred on an arm64 system: Unable to handle kernel writes to read-only memory at virtual address ffff0001221cf000 Mem abort info:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y With vmalloc stack addresses enabled CONFIGVMAPSTACK=y DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This...

Astra Linux - уязвимость в golang-github-dvsekhvalnov-jose2go

A vulnerability was discovered in dvsekhvalnov jose2go versions 1.5.0 through 1.7.0. This vulnerability allows an attacker to trigger a Denial-of-Service DoS attack by using a specially crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU virtual crypto device during handling of data encryption/decryption requests in virtiocryptohandlesymreq. There is no check for the values of srclen and dstlen in virtiocryptosymophelper, which may lead to a heap buffer overflow if these values differ...

Astra Linux - уязвимость в thunderbird

If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way, Thunderbird repeatedly attempts to process and display the message. This could cause Thunderbird’s user interface to lock up and no longer respond to the user’s actions. An attacker could send a crafted message with this...

Astra Linux - уязвимость в linux

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: afalg – Fixed an issue where initialisation was missing, affecting gcm-aes-s390. Fixed the afalgallocareq function to initialize areq-firstrsgl.sgl.sgt.sgl to point to the scatterlist array in areq-firstrsgl.sgl.sgl...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: l2cap: Check the encryption key size during incoming connections. This is required for passing the GAP/SEC/SEM/BI-04-C PTS test case: - Security Mode: 4, Level: 4, Responder: Invalid Encryption Key Size - Key Size:...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn – Rejects AADs that are too short assoclen 8 to match the ESP/ESN specification. authencesn assumes that the AAD is in the ESP/ESN format. When the length of assoclen is shorter than the minimum expected length...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: essiv – The ssizei check is moved to the beginning of essivaeadcrypt, so it is also checked for decryption and in-place encryption...

Astra Linux - уязвимость в freeipa

A vulnerability was discovered in FreeIPA when a Kerberos TGS-REQ is encrypted using the client’s session key. This key varies for each new session, which helps protect it from brute-force attacks. However, the ticket contained within the encrypted message is encrypted using the target principal...

Astra Linux - уязвимость в thunderbird

If a Thunderbird user responded to a crafted HTML email containing a meta tag, where the meta tag had the http-equiv="refresh" attribute, and the content attribute specified a URL, then Thunderbird would initiate a network request to that URL, regardless of any configuration settings that block...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: cifs: Return the correct error code from smb2getenckey Avoid a warning if the error is passed back up: 440700.376476 CIFS VFS: \otters.example.com cryptmessage: Could not get encryption key 440700.386947 ------------ Cut here...

Astra Linux - уязвимость в linux-5.15

A flaw was discovered in KVM AMD Secure Encrypted Virtualization SEV within the Linux kernel. A KVM guest that uses SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler...