nebula-mesh: Decrypted CA private key persists in heap after signing

internal/pki/resolver.go:36-64 constructs a CAManager with the plaintext ed25519.PrivateKey after unwrapping via the master key; internal/pki/ca.go:13-16 stores it. Callers at internal/api/enroll.go:116, internal/api/updates.go:297, and internal/api/mobilebundle.go:40 use the manager for one Sign...

EUVD-2026-32856

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...

PT-2026-44352

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue in the drm/amdkfd component allows stale data exposure during VRAM allocation. While the GEM ioctl path correctly sets the AMDGPU GEM CREATE VRAM CLEARED flag for userspace...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Fixed call trace warnings and hangs when removing the amdgpu device. On GPUs with RAS enabled, hangs are observed during the shutdown process when checking the call trace. In version 2, the “shutdown” flag was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted: dcp: Fixed the leak of the blob encryption key Trusted keys unseal the key blob upon loading, but keep the sealed payload in the blob field. Thus, every subsequent read export simply converts this field to...

GPU-Backed-Shellcode-Execution-PoC

GPU-Backed Shellcode...

EUVD-2020-3552

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-53036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down...

CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

DEBIAN-CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

UBUNTU-CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

CVE-2023-53036 drm/amdgpu: Fix call trace warning and hang when removing amdgpu device

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

SUSE CVE-2024-45004

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak of blob encryption key Trusted keys unseal the key blob on load, but keep the sealed payload in the blob field so that every subsequent read export will simply convert this field to hex and send it to...

CVE-2024-45004 KEYS: trusted: dcp: fix leak of blob encryption key

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak of blob encryption key Trusted keys unseal the key blob on load, but keep the sealed payload in the blob field so that every subsequent read export will simply convert this field to hex and send it to...

Information disclosure

In wipensmemory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. Google Pixel suffers from a security vulnerability that stems from a logic error in the code of the wipensmemory method of the nsmemwipe.c file, which may result in incorrect size calculations...

SUSE CVE-2015-2157

The 1 ssh2loaduserkey and 2 ssh2saveuserkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory...

Debian Security Advisory DSA 3190-1 (putty - security update)

Patrick Coleman discovered that the Putty SSH client failed to wipe out unused sensitive memory. In addition Florent Daigniere discovered that exponential values in Diffie Hellman exchanges were insufficienty restricted. OpenVAS Vulnerability Test $Id: deb3190.nasl 6609 2017-07-07 12:05:59Z...