Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: crypto: afalg – Corrected incorrect boolean values in afalgctx. The commit 1b34cbbf4f01 „crypto: afalg – Disallowed concurrent writes in afalgsendmsg“ changed some fields from bool to 1-bit u32 fields. However, some assignment...

RHEL 9 : kernel (RHSA-2026:19225)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19225 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Servi...

SUSE CVE-2026-43078

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...

CVE-2026-43078

A flaw was found in the Linux kernel. Specifically, within the crypto: afalg component, a page reassignment overflow could occur in the afalgpulltsgl function. This vulnerability arises because the original loop was not updated, potentially allowing it to reassign one more page than necessary. Th...

EUVD-2026-27567

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...

CVE-2026-43078

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...

CVE-2026-43078 crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...

CVE-2026-43078

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...

Oracle Linux 8 : kernel (ELSA-2026-13577)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13577 advisory. - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Herbert Xu RHEL-172187 CVE-2026-31431 - crypto: authencesn - rejec...

CLSA-2026-1777641037 kernel-uek: Fix of CVE-2026-31431

crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...

Exploit for CVE-2026-31431

Copy-Fail---CVE-2026-31431 CVE-2026-31431 "Copy Fail" - Analys...

Unbreakable Enterprise kernel security update: Copy Fail

6.12.0-201.74.2.2 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292190 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292190 - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Herbert Xu...

About Elevation of Privilege - Linux Kernel "Copy Fail" (CVE-2026-31431) vulnerability

About Elevation of Privilege - Linux Kernel "Copy Fail" CVE-2026-31431 vulnerability. A local privilege escalation vulnerability in the Linux kernel AFALG component, which is caused by a memory handling flaw, allows an unprivileged user to escalate privileges to root. By exploiting this...

Linux Distros Unpatched Vulnerability : CVE-2026-31677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: afalg - limit RX SG extraction by receive buffer budget Make afalggetrsgl limit each RX scatterlist extraction to the remaining receive buffer budget...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007617 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg...

SUSE SLES15 / openSUSE 15 : Security update for the Linux Kernel (SUSE-SU-2026:1041-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1041-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs...

SUSE-SU-2026:20838-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2025-39753: gfs2: Set .migratefolio in gfs2rgrp,metaaops bsc1249590. - CVE-2025-39964: crypto: afalg - Disallow concurrent writes in afalgsendmsg bsc1251966. -...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50134)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50134 advisory. - xfrm: delete x-tunnel as we delete x Sabrina Dubroca Orabug: 39016501 CVE-2025-40215 - crypto: afalg - Fix incorrect boolean values in afalgctx...

Unbreakable Enterprise kernel security update

5.4.17-2136.352.5.1 - xfrm: flush all states in xfrmstatefini Sabrina Dubroca Orabug: 39016499 - xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added Sabrina Dubroca Orabug: 39016499 - Revert 'xfrm: destroy xfrmstate synchronously on net exit path' Sabrina Dubroc...

Siemens S7-1500 Incorrect Type Conversion or Cast (CVE-2025-40022)

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix incorrect boolean values in afalgctx Commit 1b34cbbf4f01 crypto: afalg - Disallow concurrent writes in afalgsendmsg changed some fields from bool to 1-bit bitfields of type u32. However, some assignments to...