EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2026-2058)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

EulerOS Virtualization 2.12.0 : openssl (EulerOS-SA-2026-2108)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

OESA-2026-2330 compat-openssl11 security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes c...

OESA-2026-1753 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

OESA-2026-1749 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

[SECURITY] [DLA 4490-1] openssl security update

Debian LTS Advisory DLA-4490-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson February 23, 2026 https://wiki.debian.org/LTS Package : openssl Version : 1.1.1w-0+deb11u5 CVE ID : CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421...

MiracleLinux 4 : openssl-1.0.0-20.AXS4 (AXSA:2012-14:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-14:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

Performance and Storage Analysis of CRYSTALS Kyber As a Post Quantum Replacement for RSA and ECC

The steady advancement in quantum computer error correction technology has pushed the current record to 48 stable logical qubits, bringing us closer to machines capable of running Shor's algorithm at scales that threaten RSA and ECC cryptography. While the timeline for developing such quantum...

OpenSSL TLS 1.1 and 1.2 AES-NI Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework auxiliary/dos/ssl/opensslaesni class MetasploitModule 'OpenSSL TLS 1.1 and 1.2 AES-NI DoS', 'Description' = %q The AES-NI implementation of OpenSSL 1.0.1c does not...

OPENSUSE-SU-2024:0112-1 Security update for perl-CryptX

This update for perl-CryptX fixes the following issues: Updated to version 0.080: 0.080 2023-10-04 - fix 95 AES-NI troubles on MS Windows gcc compiler - fix 96 Tests failure with Math::BigInt = 1.999840 - Enabled AES-NI for platforms with gcc/clang/llvm 0.079 2023-10-01 - fix 92 update libtomcryp...

Side Channel Attack

github.com/containerd/containerd is vulnerable to Side Channel Attack. The vulnerability is caused due to an unprivileged access to Intel's RAPL Running Average Power Limit readings which provides software insights into hardware energy consumption. This can be exploited to mount power-based...

/sys/devices/virtual/powercap accessible by default to containers

Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux kernel 3.13, which reads values via relevant MSRs model specific...

x86/Intel: Gather Data Sampling

ISSUE DESCRIPTION A researcher has discovered Gather Data Sampling, a transient execution side-channel whereby the AVX GATHER instructions can forward the content of stale vector registers to dependent instructions. The physical register file is a structure competitively shared between sibling...

Medium: openssl11

Issue Overview: AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in...

K14236: OpenSSL vulnerability CVE-2012-2686

Security Advisory Description A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI supporting platforms can be exploited in a denial-of-service DoS attack. Anyone using an AES-NI platform for TLS 1.2 or TLS 1.1 on OpenSSL 1.0.1 before 1.0.1d is affected. Platforms...

K93600123: OpenSSL vulnerability CVE-2016-2107

Security Advisory Description The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC...

SUSE CVE-2022-2097

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...

EulerOS 2.0 SP10 : linux-sgx (EulerOS-SA-2022-2852)

According to the versions of the linux-sgx packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internal...

EulerOS 2.0 SP10 : openssl (EulerOS-SA-2022-2432)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properl...

CLSA-2022-1660238832 Fixed CVE-2022-2097 in openssl

CVE-2022-2097: Fix AES OCB encrypt/decrypt for x86 AES-NI...