171 matches found
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: Assign dh_key to NULL after kfree_sensitive. ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. Therefore, it’s better to set it to NULL after an error-free release, in order to...
MiracleLinux 8 : openssl-1.1.1k-12.el8_9 (AXSA:2024-7354:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7354:01 advisory. openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 OpenSSL: Excessive time spent checking DH q parameter value CVE-2023-381...
RockyLinux 8 : openssl (RLSA-2023:7877)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7877 advisory. openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 OpenSSL: Excessive time spent checking DH q parameter value CVE-2023-3817...
EUVD-2017-17797
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-8855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key. CVE-2017-8855 Note that Nessus relies on the presence of the package as...
CVE-2017-8855
wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key...
Siemens SIMATIC and SCALANCE Devices Inefficient Regular Expression Complexity (CVE-2023-3446)
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...
nvmet-auth: assign dh_key to NULL after kfree_sensitive
...
Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.
Summary: Publicly disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code level listed below. CVE-2023-5678. Vulnerability Details: CVEID: CVE-2023-5678 DESCRIPTION: OpenSSL is...
SUSE CVE-2024-50215
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive. ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error path in order to avoid double...
AZL-53084 CVE-2024-50215 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive. ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error path in order to avoid double...
DEBIAN-CVE-2024-50215
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive. ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error path in order to avoid double...
UBUNTU-CVE-2024-50215
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive. ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error path in order to avoid double...
CVE-2024-50215 nvmet-auth: assign dh_key to NULL after kfree_sensitive
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive. ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error path in order to avoid double...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the presence of a dh_key that is not set to null when released...
SUSE-SU-2024:3905-1 Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues: Security fixes: - CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) Other fixes: - FIPS: AES GCM external IV implementation (bsc#1228618) - FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved in the SLI...
CLSA-2024-1718291413 openssl: Fix of 6 CVEs
CVE-2024-0727: Fix NULL pointer dereference in processing PKCS12 files, preventing potential DoS attack - CVE-2023-6129: Fix POLY1305 MAC implementation bug that corrupts internal state on PowerPC CPUs with vector instructions - CVE-2023-5678: Fix issue with excessively long X9.42 DH keys or...
EulerOS Virtualization 3.0.6.0 : compat-openssl10 (EulerOS-SA-2024-1675)
According to the versions of the compat-openssl10 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be...
EulerOS Virtualization 3.0.6.0 : shim (EulerOS-SA-2024-1706)
According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to...
Siemens SIMATIC and SCALANCE Devices Improper Check for Unusual or Exceptional Conditions (CVE-2023-5678)
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use...