3 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: crypto: krb5enc – Fix for skipping hash verification during asynchronous decryption. The krb5encdispatchdecrypt function sets req-base.complete as the skcipher callback. This means that the caller’s own completion handler is...
CVE-2026-31719
CVE-2026-31719 concerns the Linux kernel crypto/krb5enc async decrypt path where the skcipher completion could bypass the hash verification, bypassing integrity checks. The root cause is krb5enc_dispatch_decrypt() signaling completion without invoking krb5enc_dispatch_decrypt_hash(). The fix adds...
kernel: crypto: xts - Handle EBUSY correctly
A flaw use after free in the Linux kernel XTS XOR Encrypt XOR with ciphertext stealing crypto Kernel module was found in the way privileges user triggers XTS crypto API in specific way. A local user could use this flaw to crash the system or potentially escalate their privileges on the system...