Lucene search
K

115 matches found

OSV
OSV
added 2025/06/18 10:15 a.m.1 views

UBUNTU-CVE-2025-38052

In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipcaeadencryptdone Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free...

7.8CVSS6.2AI score0.00171EPSS
Exploits0References41
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the existence of a post-release read after AEAD encryption is complete in net/tipc...

7.8CVSS6.9AI score0.00171EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: Fixed a UAF Use-After-Free issue in decryption with multichannel. After the commits f7025d861694 “smb: client: allocate crypto only for primary server” and b0abcd65ec54 “smb: client: fix UAF in async decryption”,...

7.8CVSS6.5AI score0.00158EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-26763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is...

7.1CVSS6.6AI score0.00282EPSS
Exploits0References2
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

UBUNTU-CVE-2022-49260

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - fix the aead software fallback for engine Due to the subreq pointer misuse the private context memory. The aead soft crypto occasionally casues the OS panic as setting the 64K page. Here is fix it...

5.5CVSS6.5AI score0.00245EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.6 views

PT-2026-4941

Name of the Vulnerable Software and Affected Versions OpenSSL version 3.0 OpenSSL version 3.3 OpenSSL version 3.4 OpenSSL version 3.5 OpenSSL version 3.6 Description Parsing CMS AuthEnvelopedData or EnvelopedData messages with maliciously crafted AEAD Authenticated Encryption with Associated Data...

10CVSS7.5AI score0.47621EPSS
Exploits7References238
OSV
OSV
added 2024/11/19 2:16 a.m.2 views

DEBIAN-CVE-2024-50281

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation When sealing or unsealing a key blob we currently do not wait for the AEAD cipher operation to finish and simply return after submitting the request. If there is...

5.5CVSS5.6AI score0.00173EPSS
Exploits0References1
OSV
OSV
added 2024/11/19 2:16 a.m.7 views

UBUNTU-CVE-2024-50281

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation When sealing or unsealing a key blob we currently do not wait for the AEAD cipher operation to finish and simply return after submitting the request. If there is...

5.5CVSS6AI score0.00173EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2024/08/16 7:0 a.m.9 views

crypto: aeadcipher - zeroize key buffer after use

...

4.1CVSS7.3AI score0.00228EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/07/10 12:18 a.m.3 views

kernel: tls: handle backlogging of crypto requests

A flaw was found in the tls subsystem of the Linux kernel. When setting the CRYPTOTFMREQMAYBACKLOG flag on requests to the crypto API, cryptoaeadencrypt and cryptoaeaddecrypt functions can return -EBUSY instead of -EINPROGRESS in valid situations. This issue could lead to undefined behavior and a...

5.5CVSS6.8AI score0.00246EPSS
Exploits0References5
Filippo.io
Filippo.io
added 2024/06/26 2:24 p.m.17 views

XAES-256-GCM

About a year ago I wrote that “I want to use XAES-256-GCM/11, which has a number of nice properties and only the annoying defect of not existing.” Well, there is now an XAES-256-GCM specification. Had to give up on the /11 part, but that was just a performance optimization. XAES-256-GCM is an...

7.2AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/04/13 2:10 a.m.1 views

SUSE CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

5.5CVSS6.2AI score0.00282EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2024/04/04 12:34 a.m.30 views

CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

5.5CVSS6.8AI score0.00282EPSS
Exploits0References4
NVD
NVD
added 2024/04/03 5:15 p.m.18 views

CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

7.1CVSS7.3AI score0.00282EPSS
Exploits0References10
OSV
OSV
added 2024/04/03 5:15 p.m.1 views

DEBIAN-CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

7.1CVSS5.6AI score0.00282EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/04/03 5:15 p.m.38 views

CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

7.1CVSS6.3AI score0.00282EPSS
Exploits0References22
OSV
OSV
added 2024/04/03 5:15 p.m.2 views

UBUNTU-CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

7.1CVSS6.2AI score0.00282EPSS
Exploits0References23
Cvelist
Cvelist
added 2024/04/03 5:0 p.m.22 views

CVE-2024-26763 dm-crypt: don't modify the data when using authenticated encryption

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

7.6AI score0.00282EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/04/03 5:0 p.m.13 views

CVE-2024-26763 dm-crypt: don't modify the data when using authenticated encryption

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

6.7AI score0.00282EPSS
Exploits0References8
CVE
CVE
added 2024/04/03 5:0 p.m.134 views

CVE-2024-26763

CVE-2024-26763 is a Linux kernel vulnerability in dm-crypt related to authenticated encryption. The issue arises when data is modified during encryption, which could produce an invalid tag. The fix copies the data into a clone bio and encrypts there, avoiding in-place modification and potential d...

7.1CVSS6.1AI score0.00282EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder