10 matches found
SUSE-SU-2026:21654-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
Unbreakable Enterprise kernel security update
5.15.0-320.202.8.2 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39344515 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344515 CVE-2026-43284 5.15.0-320.202.8.1 - x86/CPU/AMD: Add a fix for AMD-SB-7052 Prathyushi Nangia Orabug...
Linux Distros Unpatched Vulnerability : CVE-2026-43284
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a...
Linux Distros Unpatched Vulnerability : CVE-2025-27498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the...
CVE-2025-27498
aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...
UBUNTU-CVE-2025-27498
aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...
CVE-2025-27498
aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...
RUSTSEC-2023-0096 Plaintext exposed in decrypt_in_place_detached even on tag verification failure
Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...
CVE-2023-42811
aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...
AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure
In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails...