1473 matches found
ALSA-2026:A005 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
ALSA-2026:A006 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Linux Distros Unpatched Vulnerability : CVE-2026-43284
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
CLSA-2026-1777566580 openssl: Fix of CVE-2026-28390
CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1646)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1646 advisory. In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been...
SUSE CVE-2026-31719
In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...
Linux Distros Unpatched Vulnerability : CVE-2026-31719
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own...
CVE-2026-31719
In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...
CVE-2026-31719 crypto: krb5enc - fix async decrypt skipping hash verification
In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...
CVE-2026-31719
CVE-2026-31719 concerns the Linux kernel crypto/krb5enc async decrypt path where the skcipher completion could bypass the hash verification, bypassing integrity checks. The root cause is krb5enc_dispatch_decrypt() signaling completion without invoking krb5enc_dispatch_decrypt_hash(). The fix adds...
CVE-2026-31719
In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...
CLSA-2026-1777641037 kernel-uek: Fix of CVE-2026-31431
crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...
PT-2026-36349
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the krb5enc dispatch decrypt function allows asynchronous decryption to bypass integrity verification. The function sets the caller's completion handler as the callback, which...
Cisco Firepower Threat Defense (FTD) Software SSL Decryption Policy DoS (cisco-sa-ftd-dnd-dos-bpEcg7B7)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated,...
CLSA-2026-1777567430 openssl: Fix of CVE-2026-28390
CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...
CLSA-2026-1777567181 openssl: Fix of CVE-2026-28390
CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...
CLSA-2026-1777452099 nettle: Fix of CVE-2021-3580
CVE-2021-3580: add input validation to RSA decrypt family and length check to pkcs1secdecrypt...
CLSA-2026-1777451834 nettle: Fix of CVE-2021-3580
CVE-2021-3580: add input validation to RSA decrypt family and length check to pkcs1secdecrypt...