297 matches found
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
Astra Linux – Vulnerability in mbedtls
The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS from 2.19.1 onwards does not reduce the blinded scalar before computing the inverse. This allows a local attacker to recover the private key through side-channel attacks...
ROOT-APP-GOBINARY-CVE-2025-58181 CVE-2025-58181 in rootio-golang.org/x/crypto - Patched by Root
Root has patched CVE-2025-58181 in the rootio-golang.org/x/crypto package for Root:Go. Multiple fixed versions available...
crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building
A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...
MGASA-2026-0179 Updated golang-x-crypto & golang-x-sys-devel packages fix security vulnerability
fixes a protocol weakness in the golang.org/x/crypto/ssh package that allowed a MITM attacker to compromise the integrity of the secure channel before it was established, allowing them to prevent transmission of a number of messages immediately after the secure channel was established without...
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building
A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...
Allocation of Resources Without Limits or Throttling
Overview golang.org/x/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the public key parsers. An attacker can exhaust CPU resources by submitting crafted RSA or DSA public keys with excessively larg...
GO-2026-5020 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh
When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
Astra Linux - уязвимость в golang-1.15
In Go versions before 1.14.14 and 1.15.x, as well as before 1.15.7, the crypto/elliptic/p224.go file may generate incorrect outputs due to a underflow of the lowest limb during the final complete reduction of the P-224 field...
Astra Linux – Vulnerability in golang-go.crypto
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server under certain circumstances involving AddHostKey...
crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building
A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
CVE-2026-43492
In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...
crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation
A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service DoS for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: acomp – Fixed CFI failures due to type punning. To avoid crashes when control flow integrity is enabled, ensure that the workspace “stream” uses a consistent type for function calls, and invoke functions through a functio...
Astra Linux – Vulnerability in golang-go.crypto
The x/crypto/ssh package in version 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to cause a panic in an SSH server...
[SECURITY] Fedora 43 Update: libgcrypt-1.11.1-4.fc43
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...