31 matches found
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes – Fix for buffer overreading in CTR mode When processing the last block, the s390 CTR code will always read a whole block, even if there is no data left in that block. This issue is fixed by using the actual...
SUSE-SU-2026:21404-1 Security update for bouncycastle
This update for bouncycastle fixes the following issues: - Update to version 1.84: - CVE-2025-14813: GOSTCTR implementation unable to process more than 255 blocks correctly bsc1262225. - CVE-2026-0636: LDAP Injection Vulnerability in LDAPStoreHelper.java bsc1262226. - CVE-2026-3505: Unbounded PGP...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006937)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006937 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr...
CVE-2024-43108
CVE-2024-43108 affects the goTenna Pro ATAK Plugin. The vulnerability is due to AES-CTR encryption for short messages without any integrity checking, making messages malleable to an attacker who can access the message. Affected versions include 1.9.12 and earlier; mitigation guidance recommends u...
CVE-2024-47123 Missing Support for Integrity Check in goTenna Pro
The goTenna Pro App uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is recommended to continue to use encryption in the app and update to the current...
CVE-2024-25077
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without invalidating the signature used for secureboot image verification. Becau...
CVE-2024-25077
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without invalidating the signature used for secureboot image verification. Becau...
CVE-2024-25077
CVE-2024-25077 affects Renesas SmartBond DA14691/DA14695/DA14697/DA14699. The issue: the Nonce used for on-the-fly flash decryption is stored in an unsigned header, allowing modification without invalidating the secure-boot signature. The decryption engine uses AES in CTR mode without authenticat...
PT-2024-20728 · Renesas · Renesas Smartbond
Name of the Vulnerable Software and Affected Versions: Renesas SmartBond versions DA14691, DA14695, DA14697, and DA14699 Description: An issue was discovered where the Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without...
kernel: crypto: s390/aes - Fix buffer overread in CTR mode
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
SUSE CVE-2023-52669
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
CVE-2023-52669
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
CVE-2023-52669
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
CVE-2023-52669 crypto: s390/aes - Fix buffer overread in CTR mode
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
CVE-2023-52669
CVE-2023-52669 : In the Linux kernel, the s390/aes CTR code can overread the last block when data length isn’t a full block. The fix uses the actual remaining length and copies it into a buffer before processing, eliminating the overread. This is a local-attack surface issue that could enable a d...
CVE-2023-52669 crypto: s390/aes - Fix buffer overread in CTR mode
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
CVE-2023-52669 crypto: s390/aes - Fix buffer overread in CTR mode
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
CVE-2023-52669
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
GHSA-7F33-F4F5-XWGW In-band key negotiation issue in AWS S3 Crypto SDK for golang
Summary The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures without revealing the plaintext...