839 matches found
CVE-2026-10512
The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...
JLSEC-2026-622 Predictable WebSocket masking key and handshake nonce in HTTP.jl client
Description The WebSocket client masking key wssendframe! and the Sec-WebSocket-Key handshake nonce wsrandomhandshakekey were generated with randUInt8, n, which draws from the task-local Xoshiro256++ PRNG. Xoshiro is not cryptographically secure: its internal state can be recovered from a short r...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/lima: The mask for IRQs is set in the timeout path before a hard reset. There is a race condition in which a rendering job may take just long enough to trigger the timeout handler for the DRM sched job, but it still completes...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: macintosh/via-macii: Fixed “BUG: sleeping function called from invalid context”. The via-macii ADB driver calls requestirq after disabling hard interrupts. However, disabling interrupts is not necessary here, because the VIA shif...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the masking negation logic when dealing with a negative dst register. The negation logic for the case where the offreg is stored in the dst register is incorrect; therefore, we cannot simply invert the addition operati...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: The bdcnt field in the TX BD must be properly masked. The bdcnt field in the TX BD specifies the total number of BDs for the TX packet. This field consists of 5 bits, and the maximum supported value is 32, with the value ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: x86/fpu: Fixed the copyxstatetouabi function to correctly copy init states. When an extended state component is not present in fpstate, but is present in init state, the function copies data from initfpstate using copyfeature...
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...
CVE-2026-44249
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...
UBUNTU-CVE-2026-44249
Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo. Valid public IP addresses ca...
CVE-2026-44249 Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking
Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo. Valid public IP addresses ca...
CVE-2026-44249
Netty CVE-2026-44249 details a subnet filter bypass in netty-handler due to an incorrect masking operation in IpSubnetFilterRule.compareTo(). Affected are Netty versions prior to 4.1.135.Final and 4.2.15.Final. An attacker could bypass IPv6 subnet restrictions, allowing valid public IPs to bypass...
ImageMagick 缓冲区错误漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-24 contained a buffer error vulnerability. This vulnerability could occur when using the...
CVE-2026-11792 389-ds-base: 389-ds-base: heap buffer overflow in audit log password masking (create_masked_entry_string)
A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the createmaskedentrystring function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged requiri...
CVE-2026-11792 389-ds-base: 389-ds-base: heap buffer overflow in audit log password masking (create_masked_entry_string)
A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the createmaskedentrystring function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged requiri...
CVE-2026-11792
CVE-2026-11792 affects 389 Directory Server (389-ds-base). A heap buffer overflow occurs in auditlog.c, in the create_masked_entry_string() function, when audit logging uses a fixed-length password mask and the destination heap buffer lacks sufficient space. If a short cleartext password is logge...
EUVD-2026-35424
A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the createmaskedentrystring function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged requiri...
PT-2026-47781
A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the create masked entry string function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged...