22 matches found
CVE-2026-45900 crypto: caam - fix netdev memory leak in dpaa2_caam_probe
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix netdev memory leak in dpaa2caamprobe When commit 0e1a4d427f58 "crypto: caam: Unembed netdev structure in dpaa2" converted embedded netdevice to dynamically allocated pointers, it added cleanup in...
PT-2026-41300
Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. KSU keys using SYMCRYPTO will be impacted by this vulnerability...
EUVD-2016-4914
Malware in sbrugna...
EUVD-2016-4948
Malware in sbrugna...
EUVD-2024-37396
Malicious code in bioql PyPI...
CVE-2025-39722
The CVE-2025-39722 issue is in the Linux kernel crypto/caam suspend path for iMX8QM/iMX8ULP SoCs. Root cause: CAAM register access during suspend is reserved by SECO/OPTEE, causing suspend-time crashes unless page 0 is protected; a new state variable no_page0 tracks external reservations, and sus...
FlashVault: Versatile In-NAND Self-Encryption with Zero Area Overhead
We present FlashVault, an in-NAND self-encryption architecture that embeds a reconfigurable cryptographic engine into the unused silicon area of a state-of-the-art 4D V-NAND structure. FlashVault supports not only block ciphers for data encryption but also public-key and post-quantum algorithms f...
CVE-2024-38532
The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...
CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation
The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...
CVE-2024-38532
The CVE-2024-38532 issue affects the NXP Data Co-Processor (DCP) used in specific NXP SoCs, where the dcp_tool reference implementation selected a test key regardless of the -t argument. This root cause is addressed by patch commit 26a7. Connected sources describe the vulnerability as tied to the...
CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation
The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...
Google Nexus Qualcomm Crypto Engine Driver elevation of privilege vulnerability (CNVD-2017-03828)
Google Nexus 5X and others are smart devices from Google USA.Qualcomm crypto engine is one of the Qualcomm crypto engine drivers. A power lifting vulnerability exists in the Qualcomm crypto engine driver in Android on multiple Google devices. An attacker can exploit the vulnerability to execute...
Android Qualcomm Cryptographic Engine Driver Integer Overflow Vulnerability (CNVD-2016-09523)
Android is an open source operating system based on Linux. An integer overflow vulnerability exists in the drivers/crypto/msm/qcedev.c file in Android's Qualcomm cryptographic engine driver, allowing remote attackers to exploit the vulnerability to build malicious applications with elevated...
Android Qualcomm Cryptographic Engine Driver Integer Overflow Vulnerability
Android is an open source operating system based on Linux. A security vulnerability in the drivers/crypto/msm/qcedev.c file in Android's Qualcomm cryptographic engine driver allows remote attackers to exploit the vulnerability to build malicious applications with elevated privileges...
CVE-2016-3935
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999665 and Qualcomm...
CVE-2016-3901
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm...
CVE-2016-3901
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm...
Integer overflow
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm...
Integer overflow
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999665 and Qualcomm...
CVE-2016-3901
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm...