
142 matches found

Tenable Nessus
added 2026/04/17 12:0 a.m., 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007335 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time. To prevent timing attacks, MACs need to be compared ...

5.6 AI score, 0.00058 EPSS
Exploits: 0, References: 4
CNNVD
added 2026/04/17 12:0 a.m., 6 views

xrdp security vulnerability

xrdp is an open-source remote desktop protocol server developed by Neutrinolabs. Versions of xrdp 0.10.5 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of verification of the message authentication code signature for encrypted RDP packets when the classic R...

9.3 CVSS, 5.9 AI score, 0.00048 EPSS
Exploits: 0, References: 2
OSV
added 2026/04/10 6:16 a.m., 5 views

DEBIAN-CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if (cmac->totalSz != 0) to skip XOR-chaining on the first block (where digest is all-zeros and the XOR is a no-op). However, totalSz is word32 and wrap...

7.5 CVSS, 5.4 AI score, 0.00038 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2026/04/10 5:6 a.m., 1 views

CVE-2026-5477 Prefix-substitution forgery via integer overflow in wolfCrypt CMAC

An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if (cmac->totalSz != 0) to skip XOR-chaining on the first block (where digest is all-zeros and the XOR is a no-op). However, totalSz is word32 and wrap...

8.2 CVSS, 5.9 AI score, 0.00038 EPSS
Exploits: 0, References: 1
Microsoft CVE
added 2026/03/26 8:3 a.m., 4 views

ksmbd: Compare MACs in constant time

...

7.4 CVSS, 5.8 AI score, 0.00052 EPSS
Exploits: 0
RedhatCVE
added 2026/03/25 6:47 p.m., 2 views

CVE-2026-23364

A flaw was found in ksmbd, a Linux kernel module. This vulnerability stems from the use of a non-constant time memory comparison function when verifying Message Authentication Codes (MACs). A remote attacker could exploit this timing difference to conduct a timing attack, potentially leading to the...

5.8 AI score, 0.00052 EPSS
Exploits: 0, References: 4
EUVD
added 2026/03/25 12:30 p.m., 2 views

EUVD-2026-15344

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time. To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp with the correct function, crypto_memneq...

5.6 AI score, 0.00052 EPSS
Exploits: 0, References: 7
NVD
added 2026/03/25 11:16 a.m., 2 views

CVE-2026-23364

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time. To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp with the correct function, crypto_memneq...

7.4 CVSS, 0.00052 EPSS
Exploits: 0, References: 6
UbuntuCve
added 2026/03/25 11:16 a.m., 2 views

CVE-2026-23364

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time. To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp with the correct function, crypto_memneq...

7.4 CVSS, 5.7 AI score, 0.00052 EPSS
Exploits: 0, References: 8
Amazon
added 2026/03/05 12:0 a.m., 3 views

Important: munge

Issue Overview: MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, a local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from process memory. With the leaked key...

7.8 CVSS, 6.3 AI score, 0.00029 EPSS
Exploits: 0
OSV
added 2026/03/04 12:0 p.m., 2 views

RUSTSEC-2026-0073 Panic in Standalone MAC Operations

An incorrect constant for the key length in libcrux-poly1305 caused the standalone MAC function libcrux_poly1305::mac to always panic with an out-of-bounds memory access. Impact: Applications wishing to use libcrux-poly1305 as a standalone MAC would experience panics. The use of libcrux-poly1305 in...

8.7 CVSS, 5.8 AI score
Exploits: 0, References: 3
UbuntuCve
added 2026/02/10 7:16 p.m., 3 views

CVE-2026-25506

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, a local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from process memory. With the leaked key material, the...

7.8 CVSS, 6.4 AI score, 0.00029 EPSS
Exploits: 0, References: 5
Cvelist
added 2026/02/10 6:55 p.m., 25 views

CVE-2026-25506 MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, a local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from process memory. With the leaked key material, the...

7.7 CVSS, 0.00029 EPSS
Exploits: 0, References: 3
Hacker One
added 2026/02/01 1:35 p.m., 9 views

Node.js: Timing side-channel in HMAC verification via memcmp() in crypto_hmac.cc leads to potential MAC forgery

Vulnerability description not provided...

5.9 CVSS, 6.2 AI score, 0.00012 EPSS
Exploits: 0
OSV
added 2026/01/21 1:4 p.m., 1 views

SUSE-SU-2026:0203-1 Security update for the Linux Kernel (Live Patch 15 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.70 fixes various security issues. The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show (bsc#1251787). - CVE-2025-39682: tls: fix handling of zero-length records on...

7.8 CVSS, 6.3 AI score, 0.00058 EPSS
Exploits: 1, References: 7
OSV
added 2026/01/19 3:31 p.m., 1 views

SUSE-SU-2026:20376-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-24.1 fixes various security issues. The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show (bsc#1251787). - CVE-2024-57849: s390/cpumsf: handle CPU hotplug remove during...

7.8 CVSS, 7 AI score, 0.00067 EPSS
Exploits: 1, References: 17
OSV
added 2026/01/19 3:31 p.m., 1 views

SUSE-SU-2026:20384-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues. The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show (bsc#1251787). - CVE-2025-40204: sctp: Fix MAC comparison to be constant-time...

7.8 CVSS, 6 AI score, 0.00058 EPSS
Exploits: 0, References: 5
OSV
added 2026/01/17 11:33 a.m., 1 views

SUSE-SU-2026:0147-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 640-150700.7.22 fixes various security issues. The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show (bsc#1251787). - CVE-2025-40204: sctp: Fix MAC comparison to be constant-time...

7.8 CVSS, 6 AI score, 0.00058 EPSS
Exploits: 0, References: 5
Veracode
added 2026/01/14 8:1 a.m., 4 views

Cryptographic Semantic Binding Flaw

ALTCHA libraries are vulnerable to a cryptographic semantic binding flaw. The vulnerability is due to ambiguous HMAC binding between challenge parameters and the nonce, which allows an attacker to splice or reinterpret a valid proof-of-work submission for example by modifying the expiration value...

6.5 CVSS, 5.9 AI score, 0.00069 EPSS
Exploits: 0, References: 9, Affected Software: 4
Snyk
added 2025/12/16 12:43 a.m., 4 views

Improper Verification of Cryptographic Signature

Overview: The ALTCHA Python Library is a lightweight, zero-dependency library designed for creating and verifying ALTCHA challenges, specifically tailored for Python applications. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via t...

6.9 CVSS, 6.8 AI score, 0.00069 EPSS
Exploits: 0, References: 2