16 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Libgcrypt vulnerabilities (USN-8319-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8319-1 advisory. It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue t...
USN-8319-1: Libgcrypt vulnerabilities
It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue to cause Libgcrypt to crash, resulting in a denial of service. CVE-2026-41989 It was discovered that Libgcrypt incorrectly handled Dilithium signing. An attacker could possibly...
USN-8319-1 libgcrypt20 vulnerabilities
It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue to cause Libgcrypt to crash, resulting in a denial of service. CVE-2026-41989 It was discovered that Libgcrypt incorrectly handled Dilithium signing. An attacker could possibly...
JLSEC-2026-497 Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds...
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a bounds check when writing to a static array. While the data involved is not directly controlled by an attacker, this vulnerability could lead to memory corruption, potentially resulting in a denial ...
SUSE CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
EUVD-2026-25193
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
UBUNTU-CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
CVE-2026-41990 affects Libgcrypt prior to 1.12.2, where Dilithium signing mishandles a static array write that lacks a bounds check. The issue does not use attacker-controlled data. CVSSv3.1 base metrics indicate a Medium risk (4.0) with LOCAL attack vector, HIGH complexity, NONE privileges, and ...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
Linux Distros Unpatched Vulnerability : CVE-2026-41990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data. CVE-2026-41990 Note...