23 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31533
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption The -EBUSY handling in...
EUVD-2025-5234
Malicious code in bioql PyPI...
kernel: tipc: force a dst refcount before doing decryption
A vulnerability was found in the Linux kernel's TIPC module, where a reference count on the destination entry was not enforced before decryption. This issue arises due to potential asynchronous returns from crypto requests, which could lead to crash...
kernel: tipc: force a dst refcount before doing decryption
A vulnerability was found in the Linux kernel's TIPC module, where a reference count on the destination entry was not enforced before decryption. This issue arises due to potential asynchronous returns from crypto requests, which could lead to crash...
kernel: tipc: force a dst refcount before doing decryption
A vulnerability was found in the Linux kernel's TIPC module, where a reference count on the destination entry was not enforced before decryption. This issue arises due to potential asynchronous returns from crypto requests, which could lead to crash...
CVE-2024-40983 tipc: force a dst refcount before doing decryption
In the Linux kernel, the following vulnerability has been resolved: tipc: force a dst refcount before doing decryption As it says in commit 3bc07321ccc2 "xfrm: Force a dst refcount before entering the xfrm type handlers": "Crypto requests might return asynchronous. In this case we leave the rcu...
kernel: tls: handle backlogging of crypto requests
A flaw was found in the tls subsystem of the Linux kernel. When setting the CRYPTOTFMREQMAYBACKLOG flag on requests to the crypto API, cryptoaeadencrypt and cryptoaeaddecrypt functions can return -EBUSY instead of -EINPROGRESS in valid situations. This issue could lead to undefined behavior and a...
kernel: tls: handle backlogging of crypto requests
A flaw was found in the tls subsystem of the Linux kernel. When setting the CRYPTOTFMREQMAYBACKLOG flag on requests to the crypto API, cryptoaeadencrypt and cryptoaeaddecrypt functions can return -EBUSY instead of -EINPROGRESS in valid situations. This issue could lead to undefined behavior and a...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-065)
The version of kernel installed on the remote host is prior to 5.4.275-189.375. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-065 advisory. 2024-05-23: CVE-2024-26923 was added to this advisory. A flaw was found in the smb client in the Linux...
net: tls: handle backlogging of crypto requests
...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
kernel: tls: handle backlogging of crypto requests
A flaw was found in the tls subsystem of the Linux kernel. When setting the CRYPTOTFMREQMAYBACKLOG flag on requests to the crypto API, cryptoaeadencrypt and cryptoaeaddecrypt functions can return -EBUSY instead of -EINPROGRESS in valid situations. This issue could lead to undefined behavior and a...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
RHEL 9 : kernel (RHSA-2024:1881)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1881 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Marvin vulnerability...
SUSE CVE-2024-26584
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTOTFMREQMAYBACKLOG flag on our requests to the crypto API, cryptoaeadencrypt,decrypt can return -EBUSY instead of -EINPROGRESS in valid situations. For...
AZL-40183 CVE-2024-26584 affecting package kernel for versions less than 5.15.158.2-1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTOTFMREQMAYBACKLOG flag on our requests to the crypto API, cryptoaeadencrypt,decrypt can return -EBUSY instead of -EINPROGRESS in valid situations. For...
CVE-2024-26584
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTOTFMREQMAYBACKLOG flag on our requests to the crypto API, cryptoaeadencrypt,decrypt can return -EBUSY instead of -EINPROGRESS in valid situations. For...
CVE-2024-26584
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTOTFMREQMAYBACKLOG flag on our requests to the crypto API, cryptoaeadencrypt,decrypt can return -EBUSY instead of -EINPROGRESS in valid situations. For...
UBUNTU-CVE-2024-26584
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTOTFMREQMAYBACKLOG flag on our requests to the crypto API, cryptoaeadencrypt,decrypt can return -EBUSY instead of -EINPROGRESS in valid situations. For...
CVE-2024-26584 net: tls: handle backlogging of crypto requests
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTOTFMREQMAYBACKLOG flag on our requests to the crypto API, cryptoaeadencrypt,decrypt can return -EBUSY instead of -EINPROGRESS in valid situations. For...