Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

Cesanta Mongoose 数据伪造问题漏洞

Cesanta Mongoose is a set of embedded server libraries developed by the Irish company Cesanta. It includes functions for TCP and HTTP clients and servers, as well as WenSocket clients and servers. Versions of Cesanta Mongoose 7.20 and earlier contained a data manipulation vulnerability. This...

EUVD-2022-55110

Malicious code in bioql PyPI...

EUVD-2021-9358

Malicious code in bioql PyPI...

CVE-2023-38909

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function...

DEBIAN-CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

CVE-2022-49094

CVE-2022-49094 details a Linux kernel TLS slab-out-of-bounds condition in decrypt_internal caused by an IV size mismatch for AES128-CCM when TLS offload uses a 12-byte tls_ctx->rx.iv while crypto_aead_ivsize() reports 16 bytes. The issue manifests during memcpy() from a 12-byte space, leading ...

CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

CVE-2022-49094 net/tls: fix slab-out-of-bounds bug in decrypt_internal

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly set tlsctx-rx.iv memory size for AES128-CCM in the decryptinternal function, which results in ...

TP-LINK Smart bulb Tapo series L530 and Tapo Application Information Disclosure Vulnerability

TP-LINK Smart bulb Tapo is a smart bulb from China P&L TP-LINK. An information disclosure vulnerability exists in the TP-LINK Smart bulb Tapo series L530 and Tapo Application, which can be exploited by an attacker to obtain sensitive information via the IV component of the AES128-CBC feature...

CVE-2023-38909

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function...

Information disclosure

An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function...

CVE-2023-38909

The CVE-2023-38909 issue affects TP-Link Smart Bulb Tapo Series: L530 (<1.2.4), L510E (<1.1.0), L630 (<1.0.4), P100 (

CVE-2023-38909

An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function...

Man-in-the-middle (MITM)

ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the ''. This results in the administrator not bein...

DEBIAN-CVE-2021-22212

ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the ''. This results in the administrator not bein...

CVE-2021-22212

ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the ''. This results in the administrator not bein...

CVE-2021-22212

ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the ''. This results in the administrator not bein...