109 matches found
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-2595)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Input: alps - fix use-after-free bugs caused by dev3registerworkCVE-2025-68822 ext4: reject mount if bigalloc with sfirstdatablock !=...
SUSE CVE-2026-52972
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...
Linux Distros Unpatched Vulnerability : CVE-2026-52972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to...
CVE-2026-52972
CVE-2026-52972 affects the Linux kernel crypto/af_alg component, causing an arithmetic overflow when handling associated data lengths during the TX buffer size check. The root cause is the potential overflow if AD length is not capped; the fix caps the AD length to 0x80000000. Multiple OS vendors...
CVE-2026-52972 crypto: af_alg - Cap AEAD AD length to 0x80000000
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...
CVE-2026-52972 crypto: af_alg - Cap AEAD AD length to 0x80000000
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...
RHEL 9 : kernel (RHSA-2026:19225)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19225 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Servi...
SUSE CVE-2026-43078
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078
A flaw was found in the Linux kernel. Specifically, within the crypto: afalg component, a page reassignment overflow could occur in the afalgpulltsgl function. This vulnerability arises because the original loop was not updated, potentially allowing it to reassign one more page than necessary. Th...
EUVD-2026-27567
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078 crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078 crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...
Oracle Linux 8 : kernel (ELSA-2026-13577)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13577 advisory. - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Herbert Xu RHEL-172187 CVE-2026-31431 - crypto: authencesn - rejec...
CLSA-2026-1777641037 kernel-uek: Fix of CVE-2026-31431
crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...
Exploit for CVE-2026-31431
Copy-Fail---CVE-2026-31431 CVE-2026-31431 "Copy Fail" - Analys...
Unbreakable Enterprise kernel security update: Copy Fail
6.12.0-201.74.2.2 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292190 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292190 - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Herbert Xu...
About Elevation of Privilege - Linux Kernel "Copy Fail" (CVE-2026-31431) vulnerability
About Elevation of Privilege - Linux Kernel "Copy Fail" CVE-2026-31431 vulnerability. A local privilege escalation vulnerability in the Linux kernel AFALG component, which is caused by a memory handling flaw, allows an unprivileged user to escalate privileges to root. By exploiting this...
CVE-2026-31677 crypto: af_alg - limit RX SG extraction by receive buffer budget
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - limit RX SG extraction by receive buffer budget Make afalggetrsgl limit each RX scatterlist extraction to the remaining receive buffer budget. afalggetrsgl currently uses afalgreadable only as a gate before...