Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055113 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:02848-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02848-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

RUSTSEC-2025-0041 matrix-sdk-crypto vulnerable to encrypted event sender spoofing by homeserver administrator

matrix-sdk-crypto versions 0.8.0 up to and including 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those events appear to the recipient as if they were sent by another user. Although th...

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints CVE-2024-45341 golang: net/http: net/http: sensitive headers incorrectly sent after...

GO-2025-3447 Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec

Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private...

Security Bulletin: IBM Security Guardium is affected by path traversal and crypto vulnerabilities (CVE-2021-29425, CVE-2021-39076)

Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID:CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker coul...

GSD-2021-1000476 crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init

crypto: qat - ADFSTATUSPFRUNNING should be set after adfdevinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.233 by commit...

Security Bulletin: FileNet Capture is affected by GSKit and GSKit-Crypto vulnerabilities

Summary FileNet Capture has addressed multiple GSKit and GSKit-Crypto vulnerabilities. Vulnerability Details CVEID: CVE-2017-3732 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagating bug in the x8664 Montgomery squaring procedure. An...

Deluge of Apple Patches Fix Vulnerabilities in OS X, iOS, Safari, and More

In addition to fixing the serious crypto vulnerabilities in iMessage that surfaced yesterday, Apple also deployed patches for nearly all of its products, including Safari, OS X, iOS, Apple TV’s tvOS, and watchOS. The iOS update, 9.3, is arguably the most pressing given the cryptographic issue dug...

EMC RSA BSAFE multiple security vulnerabilities

Integer overflow in base64 decode, multiple crypto vulnerabilities...

stunnel crypto vulnerabilities

Entropy pools are reused if fork if used for threading...

[SECURITY] [DSA-361-2] New kdelibs-crypto packages fix multiple vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 361-2 [email protected] http://www.debian.org/security/ Matt Zimmerman August 9th, 2003 http://www.debian.org/security/faq -...