Lucene search
K

10 matches found

OSV
OSV
added 2026/05/14 6:30 a.m.5 views

SUSE-SU-2026:21654-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS5.8AI score0.93235EPSS
Exploits31References3
Oracle linux
Oracle linux
added 2026/05/10 12:0 a.m.28 views

Unbreakable Enterprise kernel security update

5.15.0-320.202.8.2 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39344515 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344515 CVE-2026-43284 5.15.0-320.202.8.1 - x86/CPU/AMD: Add a fix for AMD-SB-7052 Prathyushi Nangia Orabug...

8.8CVSS6.3AI score0.96267EPSS
Exploits255
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-43284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a...

8.8CVSS6.5AI score0.93235EPSS
Exploits31References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-27498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the...

5.6CVSS5.8AI score0.00117EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/06 2:0 a.m.19 views

CVE-2025-27498

aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...

5.6CVSS6.8AI score0.00117EPSS
Exploits0References1
OSV
OSV
added 2025/03/03 5:15 p.m.1 views

UBUNTU-CVE-2025-27498

aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...

5.6CVSS5.8AI score0.00117EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/03/03 4:52 p.m.5 views

CVE-2025-27498

aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...

5.6CVSS5.3AI score0.00117EPSS
Exploits0
OSV
OSV
added 2023/11/22 12:0 p.m.4 views

RUSTSEC-2023-0096 Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

4.7CVSS7AI score0.00262EPSS
Exploits1References3
NVD
NVD
added 2023/09/22 4:15 p.m.25 views

CVE-2023-42811

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

5.5CVSS5AI score0.00262EPSS
Exploits1References5
GitLab Advisory Database
GitLab Advisory Database
added 2023/09/22 12:0 a.m.8 views

AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails...

5.5CVSS6.1AI score0.00262EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder