31 matches found
CVE-2026-43362
A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability allows a remote attacker to cause data corruption. When an SMB client attempts to write data over an unstable connection, the in-place encryption process can lead to already encrypted data being re-sent...
EUVD-2026-28668
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
UBUNTU-CVE-2026-43362
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
CVE-2026-43362
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
PT-2026-39023
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10 Description A flaw exists in the SMB client where the SMB2 write function places the write payload in iov1..n as part of rq iov. Because smb3 init transform rq pointer-shares rq iov, the crypt message functi...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 — Copy Fail Linux Kernel LPE Educational rew...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv – The ssizei check is moved to the beginning of essivaeadcrypt, so it is also checked for decryption and in-place encryption...
JLSEC-2026-230 AES OCB fails to encrypt some bytes
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013760)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013760 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011064)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011064 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the...
Unbreakable Enterprise kernel security update
5.15.0-314.193.5.5 - crypto: essiv - Check ssize for decryption and in-place encryption Herbert Xu Orabug: 38705933 CVE-2025-40019...
Unbreakable Enterprise kernel security update
5.4.17-2136.349.3.2 - crypto: essiv - Check ssize for decryption and in-place encryption Herbert Xu Orabug: 38705546 CVE-2025-40019...
Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28025)
The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28025 advisory. - crypto: essiv - Check ssize for decryption and in-place encryption Herbert Xu Orabug: 38712788 CVE-2025-40019 Tenable has extracted the precedi...
Linux Distros Unpatched Vulnerability : CVE-2025-40019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essivaeadcrypt so that it's also checked for decryption...
crypto: essiv - Check ssize for decryption and in-place encryption
...
SUSE CVE-2025-40019
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essivaeadcrypt so that it's also checked for decryption and in-place encryption...
EUVD-2025-35831
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essivaeadcrypt so that it's also checked for decryption and in-place encryption...
CVE-2025-40019
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essivaeadcrypt so that it's also checked for decryption and in-place encryption...
UBUNTU-CVE-2025-40019
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essivaeadcrypt so that it's also checked for decryption and in-place encryption...
CVE-2025-40019 crypto: essiv - Check ssize for decryption and in-place encryption
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essivaeadcrypt so that it's also checked for decryption and in-place encryption...