34 matches found
CVE-2026-23519
The CVE-2026-23519 entry describes RustCrypto CMOV, which provides conditional move CPU intrinsics. The vulnerability concerns the thumbv6m-none-eabi target (Cortex-M0, M0+, M1) where the compiler emitted non-constant-time assembly for cmovnz prior to version 0.4.4. The issue affects how conditio...
CVE-2026-23519 RustCrypto cmov: thumbv6m-none-eabi compiler emits non-constant time assembly when using cmovnz
RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz...
CVE-2026-23519 RustCrypto cmov: thumbv6m-none-eabi compiler emits non-constant time assembly when using cmovnz
RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz...
CVE-2026-23519
RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz...
RustCrypto Utilities cmov: `thumbv6m-none-eabi` compiler emits non-constant time assembly when using `cmovnz`
Summary thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz portable version. I did not found any other target with the same behaviour but I did not go through all targets supported by Rust. Details It seems that, during mask computation, an LLVM...
EUVD-2016-7250
Malware in sbrugna...
K56061418: glibc vulnerability CVE-2016-6323
Security Advisory Description The makecontext function in the GNU C Library aka glibc or libc6 before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI 32-bit platforms, which might allow context-dependent attackers to cause a denial of service hang, as demonstrated by...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034 Precompiled builds for CVE-2021-4034. Of course...
[SECURITY] [DLA 2714-1] linux-4.19 security update
Debian LTS Advisory DLA-2714-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.194-3deb9u1 CVE ID : CVE-2020-36311 CVE-2021-3609 CVE-2021-33909 CVE-2021-34693 Debian Bug : 990072 Several...
Fedora: Security Advisory for arm-none-eabi-newlib (FEDORA-2021-0fa2f42d3c)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 33 : arm-none-eabi-newlib (2021-267c08cc40)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-267c08cc40 advisory. - A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nanomemalign,...
Fedora 32 : arm-none-eabi-newlib (2021-332fb9c796)
The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-332fb9c796 advisory. - A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nanomemalign,...
Fedora: Security Advisory for arm-none-eabi-newlib (FEDORA-2021-332fb9c796)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for arm-none-eabi-newlib (FEDORA-2021-267c08cc40)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: arm-none-eabi-newlib-4.1.0-1.fc33
Newlib is a C library intended for use on embedded systems. It is a conglomeration of several library parts, all under free software licenses that make them easily usable on embedded products...
CVE-2016-6323
The makecontext function in the GNU C Library aka glibc or libc6 before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI 32-bit platforms, which might allow context-dependent attackers to cause a denial of service hang, as demonstrated by applications compiled using gccg...
CVE-2016-6323
The makecontext function in the GNU C Library aka glibc or libc6 before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI 32-bit platforms, which might allow context-dependent attackers to cause a denial of service hang, as demonstrated by applications compiled using gccg...
CVE-2016-6323
The makecontext function in the GNU C Library aka glibc or libc6 before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI 32-bit platforms, which might allow context-dependent attackers to cause a denial of service hang, as demonstrated by applications compiled using gccg...
Session fixation
The makecontext function in the GNU C Library aka glibc or libc6 before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI 32-bit platforms, which might allow context-dependent attackers to cause a denial of service hang, as demonstrated by applications compiled using gccg...
CVE-2016-6323
The makecontext function in the GNU C Library aka glibc or libc6 before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI 32-bit platforms, which might allow context-dependent attackers to cause a denial of service hang, as demonstrated by applications compiled using gccg...