CVE-2026-43033 crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place src != dst, there is no need to save the high-order sequence bits in dst as it could simply be re-copied...

CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

CLSA-2026-1777641037 kernel-uek: Fix of CVE-2026-31431

crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the crypto authencesn module failing to save the high sequence bits in dst when decrypting out-of-place,...

PT-2026-36450

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the authencesn component of the crypto subsystem during out-of-place decryption where source and destination are different. The system unnecessarily saves high-order...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer bsc1238917. CVE-2025-40242: gfs2: Fix unlikely race in gdlmputlock bsc1255075...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer bsc1238917. CVE-2025-40242: gfs2: Fix unlikely race in gdlmputlock bsc1255075...

CVE-2026-23060

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

CVE-2025-29775

CVE-2025-29775 : The xml-crypto library for Node.js is vulnerable in versions prior to 6.0.1, 3.2.1, and 2.1.6. An attacker can modify a valid signed XML message in transit such that signature verification still passes, bypassing authentication/authorization checks and enabling privilege escalati...

kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned.

A buffer over-read flaw was found in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash...