SUSE-SU-2026:21555-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before...

Linux Distros Unpatched Vulnerability : CVE-2026-31697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if t...

Security update for qemu (moderate)

openSUSE security update: security update for qemu ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20357-1 Rating: moderate References: bsc1255400 bsc1256484 bsc1257474 bsc1257492 Cross-References: CVE-2025-14876 CVE-2026-0665 CVSS scores:...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : QEMU vulnerabilities (USN-8073-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8073-1 advisory. It was discovered that the UHCI controller implementation of QEMU could be brought into an invalid state. An attacker inside the gues...

Deno node:crypto doesn't finalize cipher

Summary The vulnerability allows an attacker to have infinite encryptions. This can lead to naive attempts at brute forcing, as well as more refined attacks with the goal to learn the server secrets. PoC js import crypto from "node:crypto"; const key = crypto.randomBytes32; const iv =...

Linux Distros Unpatched Vulnerability : CVE-2023-53817

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: lib/mpi - avoid null pointer deref in mpicmpui During NVMeTCP Authentication a controller can trigger a kernel oops by specifying the 8192 bit Diffie...

CVE-2025-40062

CVE-2025-40062: In the Linux kernel crypto: hisilicon/qm code, freeing qm->debug.qm_diff_regs without NULLing it can lead to a double-free during removal. The fix is to set qm->debug.qm_diff_regs to NULL after freeing it. Connected advisories from Astra Linux and SUSE/OpenSUSE entries confi...

Linux Distros Unpatched Vulnerability : CVE-2023-53494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data...

Linux Distros Unpatched Vulnerability : CVE-2025-38590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an...

Linux Distros Unpatched Vulnerability : CVE-2024-38579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: bcm - Fix pointer arithmetic In spu2dumpomd value of ptr is increased by ciphkeylen instead of hashivlen which could lead to going beyond the buffer...

OESA-2025-1730 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The freedevicecompressionmodeiaadevice, devicemode function frees "devicemode" but it iss passed to...

Linux Distros Unpatched Vulnerability : CVE-2023-52813

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: pcrypt - Fix hungtask for PADATARESET We found a hungtask bug in testaeadveccfg as follows: INFO: task cryptomgrtest:391009 blocked for more than 120...

kernel: use after free in nvmet_tcp_free_crypto in NVMe

A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmettcpfreecrypto due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead t...

Top Black Hat USA Sessions for Qualys Customers

Black Hat USA is known for cutting-edge security research, and this year’s conference is no different. If you’re a Qualys customer, here are some Black Hat sessions we think youll find relevant. Next-Gen DFIR: Mass Exploits & Supplier Compromise An investigation of real “next-gen” digital forensi...

Critical Libgcrypt Crypto Bug Opens Machines to Arbitrary Code

The Libgcrypt project has rushed out a fix for a critical bug in version 1.9.0 of the free-source cryptographic library. An exploit would allow an attacker to write arbitrary data to a target machine and execute code. The security vulnerability is a heap-buffer overflow bug in Libgcrypt 1.9.0...

PoC Exploits Published For Microsoft Crypto Bug

Two proof-of-concept PoC exploits have been publicly released for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft. The vulnerability CVE-2020-0601 could enable an attacker to spoof a code-signing certificate necessary for validati...

Juniper Crypto Bug Let Attackers Eavesdrop on Router, Switch Traffic

Juniper Networks patched a crypto bug tied to its public key infrastructure that could have allowed hackers to access the company’s routers, switches and security devices and eavesdrop on sensitive communications. The flaw was tied to Juniper products and platforms running Junos, the Juniper...

Kernel: crypto: buffer overruns in RFC4106 implementation using AESNI

A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a...

Second Crypto Bug in Networking Library Could Affect 25,000 Apps

A few weeks after the developers of the AFNetworking library that’s popular among iOS and OS X app developers patched a serious bug in the library that enabled man-in-the-middle attacks, another, similar flaw has surfaced. The new vulnerability is related to how the AFNetworking library handles...

PHP 5.3.8 Released, Fixes Crypto Bug

A day after warning users about a serious bug in the cryptographic function in PHP 5.3.7 and telling them not to upgrade to that release, the maintainers of the scripting language pushed out version 5.3.8, which fixes the crypto problem as well as another security related issue. PHP 5.3.7, which...