851 matches found
CLSA-2026-1779467653 libssh: Fix of 4 CVEs
CVE-2025-4877: prevent base64 integer overflow and potential OOB write - CVE-2025-4878: initialize stack pointers to mitigate use of uninitialized values in legacy privatekey_from_file path - CVE-2025-8277: fix DH-GEX packet filter and free unused ephemeral / ECDH keys to prevent memory exhaustion...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: Assign dh_key to NULL after kfree_sensitive. ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup for the same controller. Therefore, it’s better to set it to NULL after an error-free release, in order to...
Astra Linux - vulnerability in strongswan
StrongSwan before version 5.9.12 has a buffer overflow vulnerability, and there is a possibility of unauthenticated remote code execution through a DH public key value that exceeds the internal buffer of charon-tkm’s DH proxy. The earliest affected version is 5.3.0. An attack can occur through a...
Astra Linux - vulnerability in openssl
Issue Summary: Generating excessively long X9.42 DH keys or checking overly long X9.42 DH keys or parameters can be very slow. Applications that use functions like DH_generate_key to generate an X9.42 DH key may experience prolonged delays. Similarly, applications that use DH_check_pub_key,...
Astra Linux - vulnerability in openssl
Issue summary: Checking excessively long DH keys or parameters can be very slow. Applications that use functions such as DH_check, DH_check_ex, or EVP_PKEY_param_check to check DH keys or parameters may experience prolonged delays. If the keys or parameters being checked were obtained from an untrusted...
CVE-2026-41676
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive set len = buf.len() and pass it as the in/out length to EVP_PKEY_derive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...
DEBIAN-CVE-2026-34875
An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys...
Oracle Linux 7 : openssl (ELSA-2026-50114)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50114 advisory. 1.0.2k-26.0.1fips - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3...
libcrux-kem (>=0.0.2 <=0.0.2-beta.3), libcrux-psq (=0.0.2-beta.3) potentially affected by unknown CVE via libcrux-ecdh (>=0.0.2-beta.3 <=0.0.2)
libcrux-ecdh CARGO version =0.0.2-beta.3, =0.0.2, =0.0.2-beta.3 - libcrux-psq =0.0.2-beta.3 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0023...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004912)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004912 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate. If alua_rtpg_queue failed from...
MiracleLinux 9 : openssl-3.0.7-27.el9.ML.1 (AXSA:2024-7908:04)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7908:04 advisory. openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries CVE-2023-2975 openssl: Excessive time...
MiracleLinux 8 : openssl-1.1.1k-12.el8_9 (AXSA:2024-7354:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7354:01 advisory. openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 OpenSSL: Excessive time spent checking DH q parameter value CVE-2023-381...
MiracleLinux 8 : edk2-20220126gitbb1bba3d77-6.el8_9.3 (AXSA:2024-7542:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7542:02 advisory. openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : openssl-1.0.2k-26.0.5.el7.AXS7 (AXSA:2025-10928:04)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10928:04 advisory. CVE-2023-3446: fix DH_check excessive time with over sized modulus CVEs: CVE-2023-3446 Issue summary: Checking excessively long DH keys or parameters may be...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993016)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993016 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate. If alua_rtpg_queue failed from...
UBUNTU-CVE-2023-53817
In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui. During NVMe/TCP authentication a controller can trigger a kernel oops by specifying the 8192-bit Diffie-Hellman group and passing a correctly sized, but zeroed Diffie-Hellman...
RockyLinux 8 : openssl (RLSA-2023:7877)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7877 advisory. openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 OpenSSL: Excessive time spent checking DH q parameter value CVE-2023-3817...
SUSE-SU-2025:4123-1 Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise kernel 4.12.14-122.231 fixes various security issues. The following security issues were fixed: - CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment (bsc#1232637). - CVE-2022-49014: net: tun: Fix use-after-free in tun_detach (bsc#1232818). - CVE-2022-49053...
Siemens SIMATIC S7-1500 Excessive Iteration (CVE-2023-3817)
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check, DH_check_ex or EVP_PKEY_param_check to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...
EUVD-2014-9548
Malware in sbrugna...