Security update for openssl-3

This update for openssl-3 fixes the following issue: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

Security update for openssl-3

This update for openssl-3 fixes the following issue: Security issues fixed: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Other updates and bugfixes: Enable MD2 in legacy provider jscPED-15724. Patch...

SUSE-SU-2026:1605-1 Security update for openssl-3

This update for openssl-3 fixes the following issue: Security issues fixed: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Other updates and bugfixes: - Enable MD2 in legacy provider jscPED-15724...

rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length

The frompemcallback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of OpenSSL to over-read this buffer. OpenSSL 3.x is not affected by this...

Fedora 43 : pypy (2026-2af3865ebf)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2af3865ebf advisory. JIT translation fix for bootstraping, require openssl 3 and fix CVE-2026-25645 and CVE-2025-8869 Tenable has extracted the preceding description blo...

Fedora 45 : pypy (2026-ae330775b9)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ae330775b9 advisory. JIT translation fix for bootstraping, require openssl 3 and fix CVE-2026-25645 and CVE-2025-8869 Tenable has extracted the preceding description blo...

openSUSE Security Advisory (SUSE-SU-2026:1215-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:1213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:1213-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1213-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processi...

SUSE SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2026:1215-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1215-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference...

📄 OpenSSL 3.x ASN.1 AES‑GCM Nonce Stack Corruption

This Metasploit auxiliary module generates a specially crafted CMS file encoded in DER format to test a stack-based buffer overflow vulnerability in OpenSSL's ASN.1 parser related to improper handling of oversized AES-GCM nonce IV values within AES-GCM-Parameters as defined in RFC 5084. The...

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...

SUSE-SU-2026:0309-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

CVE-2026-21444 libtpms returns wrong initialization vector when certain symmetric ciphers are used

libtpms, a library that provides software emulation of a Trusted Platform Module, has a flaw in versions 0.10.0 and 0.10.1. The commonly used integration of libtpms with OpenSSL 3.x contained a vulnerability related to the returned IV initialization vector when certain symmetric ciphers were used...

PT-2026-1122

Name of the Vulnerable Software and Affected Versions libtpms versions 0.10.0 through 0.10.1 Description libtpms, a library providing software emulation of a Trusted Platform Module, contains a flaw impacting data confidentiality. When integrated with OpenSSL 3.x, the library incorrectly returns...

SUSE SLES16 Security Update : openssl-3 (SUSE-SU-2025:21213-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21213-1 advisory. - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in...

SUSE: Security Advisory (SUSE-SU-2025:21213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for openssl-3

This update for openssl-3 fixes the following issues: Security issues: CVE-2025-9230: Fix out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 Disable LTO for userspace livepatching jscPED-13245 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

SUSE: Security Advisory (SUSE-SU-2025:03442-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:03442-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...