SUSE SLES15 Security Update : kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1877-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1877-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.136 fixes one security issue The following security issue was fixed: - CVE-2026-4328...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed an oops during encryption When running xfstests against Azure, the following oops occurred on an arm64 system: Unable to handle kernel writes to read-only memory at virtual address ffff0001221cf000 Mem abort info:...

GHSA-9JPJ-CPH8-W449 Langflow: Cleartext Storage of Authentication Settings in Project Creation Endpoint

A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function createproject/encryptauthsettings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument authsetting...

CVE-2026-34992

Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to 2.4.5 and 2.5.2, a missing encryption vulnerability affects inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fail...

RHEL 8 : kernel (RHSA-2026:2664)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2664 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: fix oops during encrypti...

kernel: cifs: fix oops during encryption

An out-of-bounds memory access vulnerability exists in the linux kernel, such that A stack-allocated buffer backed by vmalloc was passed into crypto code scatterwalkmapandcopy → memcpy where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...

CLSA-2026-1770040438 kernel: Fix of 14 CVEs

efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 - libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 - scsi: lpfc: Fix...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992942)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992942 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred ...

kernel: cifs: fix oops during encryption

An out-of-bounds memory access vulnerability exists in the linux kernel, such that A stack-allocated buffer backed by vmalloc was passed into crypto code scatterwalkmapandcopy → memcpy where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...

Linux Distros Unpatched Vulnerability : CVE-2022-50341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only...

DEBIAN-CVE-2022-50341

In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...

CVE-2022-50341

In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...

CVE-2022-50341

CVE-2022-50341 is a Linux kernel CIFS vulnerability where an oops could occur during encryption due to writing into a vmalloc-backed stack buffer in scatterwalk_copychunks. The issue was fixed by adjusting how buffers are mapped and used during SMB3 encryption (cifs_sg_set_buf and crypt_message f...

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM Semeru Runtime used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Semeru Runtime Quarterly CPU - Apr 2025 - Includes OpenJDK April 2025 CPU pl...

Linux Distros Unpatched Vulnerability : CVE-2023-46129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The...

CVE-2023-21652

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use...

kernel: cifs: fix oops during encryption

An out-of-bounds memory access vulnerability exists in the linux kernel, such that A stack-allocated buffer backed by vmalloc was passed into crypto code scatterwalkmapandcopy → memcpy where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...

CVE-2024-8013

A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects mongocryp...

SUSE CVE-2024-7531

Calling PK11Encrypt in NSS using CKMCHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcom...

AZL-31792 CVE-2023-46129 affecting package telegraf for versions less than 1.27.4-1

NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server...