28 matches found
OESA-2026-2072 llvm security update
LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...
OESA-2026-1968 llvm security update
LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...
CVE-2026-3503
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
EUVD-2026-13149
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
Overview Affected versions of this package are vulnerable to Incorrect Usage of Seeds in Pseudo-Random Number Generator PRNG via induced transient faults in the Keccak-based expansion process. An attacker can compromise key material and cryptographic outcomes by physically manipulating seed or...
CVE-2026-3503
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
UBUNTU-CVE-2026-3503
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
CVE-2026-3503
CVE-2026-3503 involves a protection mechanism failure in wolfSSL’s wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) on ARM Cortex-M devices. The root cause is exposed as transient fault injections that can corrupt or redirect seed/pointer values during Keccak-based expansion, potentiall...
CVE-2026-3503
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
CVE-2026-3503 Fault injection attack with ML-DSA and ML-KEM on ARM
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
Azure Linux 3.0 Security Update: clang (CVE-2024-7883)
The version of clang installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7883 advisory. - When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via...
PT-2026-26329
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
EUVD-2024-48728
Malicious code in bioql PyPI...
Huawei EulerOS: Security Advisory for llvm (EulerOS-SA-2025-1319)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : llvm (EulerOS-SA-2025-1336)
According to the versions of the llvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure...
EulerOS 2.0 SP13 : llvm (EulerOS-SA-2025-1319)
According to the versions of the llvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure...
SUSE CVE-2024-7883
When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state...
CVE-2024-7883
When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state...
CVE-2024-7883
When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state...
CVE-2024-7883
When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state...