Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: comp – Use the same definition for the context alloc and free operations. In commit 42d9f6c77479 “crypto: acomp – Move the scomp stream allocation code into acomp”, the cryptoacompstreams struct was designed to rely on th...

Astra Linux – Vulnerability in Golang-1.19

Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/TLS clients, as well as servers that have Config.ClientAuth set to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fixed a UAF issue in f2fsinodeinfo in f2fsfreedic. The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after reading, and the kworker responsible for...

Astra Linux – Vulnerability in Linux 5.10, Linux

Before version 5.17.9, the Linux kernel allowed TCP servers to identify clients by observing which source ports were used. This occurs due to the use of Algorithm 4 "Double-Hash Port Selection Algorithm" from RFC 6056...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 CVE...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Copy Fail Detection Tool A comprehensive det...

OESA-2026-2174 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algifaead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of the associated data.\n\nThere is no...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — Copy Fail Local Privilege Escalation i...

CLSA-2026-1777547052 openssl: Fix of CVE-2026-28389

CVE-2026-28389: fix NULL pointer dereference in dhcmssetsharedinfo and ecdhcmssetsharedinfo when the CMS KeyEncryptionAlgorithmIdentifier parameter field is omitted...

Linux Distros Unpatched Vulnerability : CVE-2026-43043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: af-alg - fix NULL pointer dereference in scatterwalk The AFALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431: Zero-Reboot Remediation for OpenShift 4 via BP...

CVE-2026-43043

In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AFALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new afalgtsgl structure. If a sendmsg fills an SGL exactly to MAXSGLENTS, the...

CVE-2026-43043

The CVE describes a Linux kernel vulnerability in the AF_ALG crypto interface where chaining a new af_alg_tsgl structure can leave the end marker of the previous Scatter/Gather List uncleared when a sendmsg exactly fills MAX_SGL_ENTS. This causes sg_next() to return NULL, potentially leading to a...

CVE-2026-43043

In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AFALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new afalgtsgl structure. If a sendmsg fills an SGL exactly to MAXSGLENTS, the...

CVE-2026-31739

In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - Add missing CRYPTOALGASYNC The tegra crypto driver failed to set the CRYPTOALGASYNC on its asynchronous algorithms, causing the crypto API to select them for users that request only synchronous algorithms. This...

CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

Exploit for CVE-2026-31431

CVE-2026-31431 Checker "Copy Fail" Detection tool for Linux...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the asynchronous algorithm not setting the CRYPTOALGASYNC flag, potentially leading to crashes...

PT-2026-36460

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The AF ALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new af alg tsgl structure. If the sendmsg function fills an SGL exactly to MAX SGL ENTS, the las...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...