14 matches found
SUSE-SU-2026:21361-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. -...
CVE-2026-23125
In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...
CVE-2026-23125 sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT
In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...
CVE-2026-23125 sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT
In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper order of the SCTPCMDASSOCSHKEY command in SCTP, potentially leading to a null pointer...
EUVD-2025-24617
Malicious code in bioql PyPI...
CVE-2025-2182
A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key CAK. This issue is only applicable to PA-7500 Series devices which are in an NGFW cluster. A user who possesses this key can read messages...
CVE-2025-2182 PAN-OS: Firewall Clusters using the MACsec Protocol Expose the Connectivity Association Key (CAK)
A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key CAK. This issue is only applicable to PA-7500 Series devices which are in an NGFW cluster. A user who possesses this key can read messages...
PT-2025-33022 · Palo Alto Networks · Pa-7500 Series +1
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS® affected versions not specified PA-7500 Series devices in an NGFW cluster affected versions not specified Description: A flaw in the implementation of the MACsec protocol can lead to the cleartext exposure of the...
kernel: sctp: handle the error returned from sctp_auth_asoc_init_active_key
In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. The old shkey will be freeed while it's still used as active key in...
kernel: sctp: handle the error returned from sctp_auth_asoc_init_active_key
In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. The old shkey will be freeed while it's still used as active key in...
Design/Logic Flaw
If all 64 digits of the connectivity association name CKN key or all 32 digits of the connectivity association key CAK key are not configured, all remaining digits will be auto-configured to 0. Hence, Juniper devices configured with short MacSec keys are at risk to an increased likelihood that an...
CVE-2018-0021
If all 64 digits of the connectivity association name CKN key or all 32 digits of the connectivity association key CAK key are not configured, all remaining digits will be auto-configured to 0. Hence, Juniper devices configured with short MacSec keys are at risk to an increased likelihood that an...
CVE-2018-0021
CVE-2018-0021 affects Junos OS when MacSec CKN/CAK keys are configured with short values. If all 64 CKN digits or all 32 CAK digits are not configured, remaining digits auto-configure to 0, increasing the feasibility of dictionary/brute-force attacks to recover key material via spoofed packets. A...