Lucene search
K

104 matches found

OSV
OSV
added 2025/10/13 2:15 p.m.7 views

AZL-68460 CVE-2025-39964 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

3.3CVSS6.8AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2025/10/13 1:48 p.m.4 views

CVE-2025-39964 crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

3.3CVSS6.4AI score0.00227EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-39931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop...

5.5CVSS6.5AI score0.00137EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-8824

Malware in sbrugna...

5.5CVSS6.8AI score0.00504EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-9214

Malware in sbrugna...

7.8CVSS6.4AI score0.00408EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-1336

Malware in sbrugna...

5.5CVSS6.5AI score0.00434EPSS
Exploits0References14
Microsoft CVE
Microsoft CVE
added 2025/10/05 8:3 a.m.4 views

crypto: af_alg - Set merge to zero early in af_alg_sendmsg

...

5.5CVSS7AI score0.00137EPSS
Exploits0
Cvelist
Cvelist
added 2025/10/04 7:30 a.m.20 views

CVE-2025-39931 crypto: af_alg - Set merge to zero early in af_alg_sendmsg

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...

0.00137EPSS
Exploits0References7
CVE
CVE
added 2025/10/04 7:30 a.m.29 views

CVE-2025-39931

The CVE-2025-39931 entry concerns the Linux kernel crypto/af_alg subsystem. The vulnerability occurs in af_alg_sendmsg: if an error causes the call to abort, ctx->merge may contain a garbage value from the previous loop, which can trigger a crash on the next entry into af_alg_sendmsg when atte...

5.5CVSS6.1AI score0.00137EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-37808

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq context through afalg, use spin locks instead of mutexes to protect...

5.5CVSS6.7AI score0.00176EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/07/16 10:57 p.m.15 views

CVE-2022-48781

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

5.5CVSS5.9AI score0.00195EPSS
Exploits0References4
NVD
NVD
added 2024/07/16 12:15 p.m.22 views

CVE-2022-48781

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

5.5CVSS0.00195EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/07/16 12:15 p.m.15 views

CVE-2022-48781

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

5.5CVSS6.4AI score0.00195EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/16 11:13 a.m.13 views

CVE-2022-48781 crypto: af_alg - get rid of alg_memory_allocated

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

6.7AI score0.00195EPSS
Exploits0References2
OSV
OSV
added 2024/07/16 11:13 a.m.17 views

CVE-2022-48781 crypto: af_alg - get rid of alg_memory_allocated

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

5.5CVSS6.4AI score0.00195EPSS
Exploits0References5
CVE
CVE
added 2024/07/16 11:13 a.m.69 views

CVE-2022-48781

CVE-2022-48781 affects Linux kernel crypto: af_alg. The issue stems from removing alg_memory_allocated and an alg_proto memory_allocated field without a corresponding sysctl_mem, which makes sk_has_account() true and causes NULL pointer dereferences in sk_prot_mem_limits()/sock_reserve_memory whe...

5.5CVSS6.8AI score0.00195EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/16 11:13 a.m.28 views

CVE-2022-48781 crypto: af_alg - get rid of alg_memory_allocated

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

0.00195EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/07/16 11:13 a.m.16 views

CVE-2022-48781

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

5.5CVSS6.1AI score0.00195EPSS
Exploits0
OSV
OSV
added 2022/02/27 3:23 a.m.15 views

GSD-2022-1000554 crypto: af_alg - get rid of alg_memory_allocated

crypto: afalg - get rid of algmemoryallocated This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.11 by commit...

7.2AI score
Exploits0
Veracode
Veracode
added 2019/05/16 3:18 a.m.37 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of serviceDoS attacks. This is because Salsa20 encryption algorithm does not correctly handle zero-length inputs. This allows a local attacker to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or...

7.8CVSS7.2AI score0.00683EPSS
Exploits1References45Affected Software2
Rows per page
Query Builder