Lucene search
K

64 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-41515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...

3.3CVSS6.2AI score0.00094EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 8:16 p.m.11 views

DEBIAN-CVE-2026-41515

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...

3.3CVSS6AI score0.00094EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 8:16 p.m.6 views

CVE-2026-41515

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...

3.3CVSS0.00094EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 7:25 p.m.35 views

CVE-2026-41515 OP-TEE: RSA-OAEP padding oracle in NXP CAAM driver enables plaintext recovery

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...

2.5CVSS0.00094EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/07/06 7:25 p.m.6 views

CVE-2026-41515

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...

3.3CVSS6AI score0.00094EPSS
Exploits0
CVE
CVE
added 2026/07/06 7:25 p.m.14 views

CVE-2026-41515

OP-TEE (Trusted Execution Environment for Arm Cortex-A TrustZone) has a vulnerability in the RSA-OAEP decryption path within the NXP CAAM crypto driver. From version 3.9.0 up to, but not including, 4.11.0, the driver uses non-constant-time memcmp() for label hash verification, exposing a Manger-s...

3.3CVSS6AI score0.00094EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 7:25 p.m.5 views

CVE-2026-41515

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses...

2.5CVSS6AI score0.00094EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: caam – Fixed a memory leak in dpaa2caamprobe. When commit 0e1a4d427f58 “crypto: caam: Unembed netdev structure in dpaa2” converted the embedded netdevice to dynamically allocated pointers, it added cleanup code in...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/20 12:28 a.m.7 views

kernel: crypto: caam - fix overflow on long hmac keys

A flaw was found in the Linux kernel's caam cryptographic accelerator driver. When processing a Hash-based Message Authentication Code HMAC key that exceeds the block size, the driver incorrectly handles memory allocation and copying. This can lead to an overflow, where the system attempts to rea...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References5
OSV
OSV
added 2026/06/19 12:0 a.m.7 views

ALSA-2026:27288 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix tx.buf use-after-free in isotpsendmsg CVE-2026-31474 kernel: mptcp: fix slab-use-after-free in inetlookupestablished CVE-2026-31669 kernel: rxrpc: Fix RxGK token loading t...

9.8CVSS6.6AI score0.004EPSS
Exploits11References32
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.12 views

SUSE CVE-2026-46291

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/08 7:32 p.m.22 views

CVE-2026-46291

A flaw was found in the Linux kernel's crypto: caam component. This vulnerability allows for the disclosure of sensitive HMAC Hash-based Message Authentication Code key bytes at runtime. The issue occurs because the hashdigestkey function uses printhexdumpdevel without proper guarding, which can...

5.5CVSS5.5AI score0.00123EPSS
Exploits0References4
NVD
NVD
added 2026/06/08 5:16 p.m.10 views

CVE-2026-46291

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 5:16 p.m.9 views

UBUNTU-CVE-2026-46291

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

5.5CVSS5.3AI score0.00123EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:46 p.m.7 views

CVE-2026-46291

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

5.4AI score0.00123EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/06/08 3:46 p.m.8 views

EUVD-2026-35157

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at runtime when CONFIGDYNAMICDEBUG is enabled...

5.4AI score0.00123EPSS
Exploits0References5
CVE
CVE
added 2026/06/08 3:46 p.m.60 views

CVE-2026-46291

CVE-2026-46291 affects the Linux kernel crypto caam path, specifically hash_digest_key, where HMAC key bytes could be exposed via hex dumps when dynamic debugging is enabled. The reported fix changes the dumping approach to use print_hex_dump_devel() to avoid leaking sensitive HMAC key material a...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47363

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description An issue exists in the hash digest key function within the caam crypto module. When CONFIG DYNAMIC DEBUG is enabled, sensitive HMAC key bytes may be leaked at runtime through hex dumps. Thi...

9.8CVSS5.2AI score0.00426EPSS
Exploits5References429
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the hexadecimal dump of the HMAC key in the caam driver, potentially leading to the exposure of t...

5.5CVSS5.3AI score0.00123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-45900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: caam - fix netdev memory leak in dpaa2caamprobe When commit 0e1a4d427f58 crypto: caam: Unembed netdev structure in dpaa2 converted embedded netdevice to...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References3
Rows per page
Query Builder