194 matches found
CVE-2024-43108 goTenna Pro ATAK Plugin Missing Support for Integrity Check
The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is advised to continue to use encryption in the plugin and update to the curre...
CVE-2024-47123
CVE-2024-47123 is tied to the goTenna Pro family where AES-CTR is used for short encrypted messages without an integrity check. The root cause is lack of message integrity protection, which makes ciphertext malleable and could compromise confidentiality/integrity of communications on affected dev...
CVE-2024-47123 Missing Support for Integrity Check in goTenna Pro
The goTenna Pro App uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is recommended to continue to use encryption in the app and update to the current...
CVE-2024-47123 Missing Support for Integrity Check in goTenna Pro
The goTenna Pro App uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is recommended to continue to use encryption in the app and update to the current...
NewStart CGSL MAIN 6.02 : libssh Multiple Vulnerabilities (NS-SA-2024-0052)
The remote NewStart CGSL host, running version MAIN 6.02, has libssh packages installed that are affected by multiple vulnerabilities: - The RANDbytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator PRNG,...
DEBIAN-CVE-2024-45157
An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLSPSAHMACDRBGMDTYPE does not cause the PSA subsystem to use HMACDRBG: it uses HMACDRBG only when MBEDTLSPSACRYPTOEXTERNALRNG and...
ALPINE-CVE-2024-45157
An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLSPSAHMACDRBGMDTYPE does not cause the PSA subsystem to use HMACDRBG: it uses HMACDRBG only when MBEDTLSPSACRYPTOEXTERNALRNG and...
CVE-2024-25077
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without invalidating the signature used for secureboot image verification. Becau...
CVE-2024-25077
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without invalidating the signature used for secureboot image verification. Becau...
CVE-2024-25077
CVE-2024-25077 affects Renesas SmartBond DA14691/DA14695/DA14697/DA14699. The issue: the Nonce used for on-the-fly flash decryption is stored in an unsigned header, allowing modification without invalidating the secure-boot signature. The decryption engine uses AES in CTR mode without authenticat...
PT-2024-20728 · Renesas · Renesas Smartbond
Name of the Vulnerable Software and Affected Versions: Renesas SmartBond versions DA14691, DA14695, DA14697, and DA14699 Description: An issue was discovered where the Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without...
kernel: crypto: s390/aes - Fix buffer overread in CTR mode
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...
DEBIAN-CVE-2021-4439
In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cmtp session to a controller and run a kernel thread to process cmtp. modulegetTHISMODULE; session-task = kthreadruncmtpsession, sessio...
UBUNTU-CVE-2021-4439
In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cmtp session to a controller and run a kernel thread to process cmtp. modulegetTHISMODULE; session-task = kthreadruncmtpsession, sessio...
CVE-2021-4439
In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cmtp session to a controller and run a kernel thread to process cmtp. modulegetTHISMODULE; session-task = kthreadruncmtpsession, sessio...
CVE-2021-4439 isdn: cpai: check ctr->cnr to avoid array index out of bound
In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cmtp session to a controller and run a kernel thread to process cmtp. modulegetTHISMODULE; session-task = kthreadruncmtpsession, sessio...
CVE-2024-36926 powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...
CVE-2024-36926
CVE-2024-36926 affects the Linux kernel on PowerPC pseries hardware, where LPARs boot with a frozen PE may lack the ibm,dma-window property. This can cause a NULL pointer dereference while configuring PCI, leading to an oops/panic during boot. The vulnerability is described with kernel traces (pc...
Insecure Direct Object Reference (IDOR) / Weak Encryption
nzo/url-encryptor-bundle is vulnerable to a Insecure Direct Object Reference IDOR. This vulnerability is due to a lack of mandatory key and initialization vector IV requirements, which makes the aes-256-ctr algorithm susceptible to malleability attacks. It allows attackers to decrypt and modify...
SUSE CVE-2023-52669
In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...