46 matches found
CVE-2026-46033
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequen...
UBUNTU-CVE-2026-46033
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequen...
EUVD-2026-32414
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequen...
CVE-2026-46033
CVE-2026-46033 affects the Linux kernel crypto/authencesn path. The flaw allowed authenc esn instances to inherit an invalid default authsize (digest sizes 1–3) because crypto_authenc_esn_create() copied digestsize into inst->alg.maxauthsize without validation, while setauthsize() already reje...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: dm integrity: Memory corruption occurs when tagsize is less than digestsize. It is possible to configure dm-integrity in such a way that the tagsize parameter is smaller than the actual digest size. In this case, a portion of the...
SUSE CVE-2026-39853
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...
DEBIAN-CVE-2026-5194
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...
CVE-2026-5194
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...
UBUNTU-CVE-2026-5194
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...
CVE-2026-5194
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...
CVE-2026-5194 wolfSSL ECDSA Certificate Verification
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...
CVE-2026-5194
The CVE-2026-5194 issue concerns wolfSSL’s ECDSA certificate verification: missing hash/digest size and OID checks may allow digests smaller than allowed for the given key type to pass verification when EdDSA or ML-DSA is enabled. This could reduce security of ECDSA certificate-based authenticati...
UBUNTU-CVE-2026-39853
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...
wolfSSL 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. wolfSSL has security vulnerabilities; these vulnerabilities stem from the lack of checks for hash digest size and OID. This could lead...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990526)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990526 advisory. In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tagsize is less than digest size It is possible to set u...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989142)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989142 advisory. In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tagsize is less than digest size It is possible to set u...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990137)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990137 advisory. In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tagsize is less than digest size It is possible to set u...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987611)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987611 advisory. In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tagsize is less than digest size It is possible to set u...
EUVD-2017-0020
Malware in sbrugna...
EUVD-2022-55159
Malicious code in bioql PyPI...