UBUNTU-CVE-2026-43492

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

SUSE-SU-2026:1724-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.34 fixes one security issue The following security issue was fixed: - CVE-2026-31431: crypto: algifaead - Revert to operating out-of-place bsc1263689...

CVE-2026-22863

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.6.0, node:crypto doesn't finalize cipher. The vulnerability allows an attacker to have infinite encryptions. This can lead to naive attempts at brute forcing, as well as more refined attacks with the goal to learn the server...

SM2-PKE has 32-bit Biased Nonce Vulnerability

Summary A critical vulnerability exists in the SM2 Public Key Encryption PKE implementation where the ephemeral nonce k is generated with severely reduced entropy. A unit mismatch error causes the nonce generation function to request only 32 bits of randomness instead of the expected 256 bits. Th...

EUVD-2024-37895

Malicious code in bioql PyPI...

python3.12-cryptography bug fix and enhancement update

An update is available for python3.12-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

SUSE CVE-2024-39312

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...

PT-2024-7717 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the crypto component of the Linux kernel, specifically with the algif hash function. When a zero-length message is hashed by algif hash and an error is triggere...

DEBIAN-CVE-2020-13398

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds OOB write vulnerability has been detected in cryptorsacommon in libfreerdp/crypto/crypto.c...

kernel: crypto: GPF in lrw_crypt caused by null-deref

The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...