104 matches found
AZL-68460 CVE-2025-39964 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...
CVE-2025-39964 crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...
Linux Distros Unpatched Vulnerability : CVE-2025-39931
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop...
EUVD-2015-8824
Malware in sbrugna...
EUVD-2017-9214
Malware in sbrugna...
EUVD-2016-1336
Malware in sbrugna...
crypto: af_alg - Set merge to zero early in af_alg_sendmsg
...
CVE-2025-39931 crypto: af_alg - Set merge to zero early in af_alg_sendmsg
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...
CVE-2025-39931
The CVE-2025-39931 entry concerns the Linux kernel crypto/af_alg subsystem. The vulnerability occurs in af_alg_sendmsg: if an error causes the call to abort, ctx->merge may contain a garbage value from the previous loop, which can trigger a crash on the next entry into af_alg_sendmsg when atte...
Linux Distros Unpatched Vulnerability : CVE-2025-37808
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq context through afalg, use spin locks instead of mutexes to protect...
CVE-2022-48781
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...
CVE-2022-48781
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...
CVE-2022-48781
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...
CVE-2022-48781 crypto: af_alg - get rid of alg_memory_allocated
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...
CVE-2022-48781 crypto: af_alg - get rid of alg_memory_allocated
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...
CVE-2022-48781
CVE-2022-48781 affects Linux kernel crypto: af_alg. The issue stems from removing alg_memory_allocated and an alg_proto memory_allocated field without a corresponding sysctl_mem, which makes sk_has_account() true and causes NULL pointer dereferences in sk_prot_mem_limits()/sock_reserve_memory whe...
CVE-2022-48781 crypto: af_alg - get rid of alg_memory_allocated
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...
CVE-2022-48781
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...
GSD-2022-1000554 crypto: af_alg - get rid of alg_memory_allocated
crypto: afalg - get rid of algmemoryallocated This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.11 by commit...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of serviceDoS attacks. This is because Salsa20 encryption algorithm does not correctly handle zero-length inputs. This allows a local attacker to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or...