15 matches found
CVE-2026-43362
CVE-2026-43362 is an in-place encryption flaw in SMB2_write() in the Linux kernel SMB client, where the write payload could be replaced with ciphertext during retries on unstable connections. The root cause is that smb3_init_transform_rq() shares rq_iov, causing crypt_message() to in-place-e...
SUSE-SU-2026:21526-1 Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues. The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
CVE-2022-50341 cifs: fix oops during encryption
In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...
CVE-2022-50341 cifs: fix oops during encryption
In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...
Laravel RCE vulnerability in "cookie" session driver
Applications using the "cookie" session driver were the primary applications affected by this vulnerability. Since we have not yet released a security release for the Laravel 5.5 version of the framework, we recommend that all applications running Laravel 5.5 and earlier do not use the "cookie"...
CVE-2024-26763 dm-crypt: don't modify the data when using authenticated encryption
In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...
SUSE-SU-2022:2328-1 Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues: - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode bsc1201099...
SUSE-SU-2022:2311-1 Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues: - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode bsc1201099...
SUSE-SU-2022:0263-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19783 fixes several issues. The following security issues were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi...
SUSE-SU-2021:3759-1 Security update for postgresql14
This update for postgresql14 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake bsc1192516. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake bsc1192516. - Let rpmlint ignore...
OPENSUSE-SU-2021:1416-1 Security update for fetchmail
This update for fetchmail fixes the following issues: - CVE-2021-39272: Fix failure to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. bsc1190069 This update was imported from the SUSE:SLE-15:Update update project...
USN-4306-1: Dino vulnerabilities
It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs...
SUSE-SU-2019:0609-1 Security update for mariadb
This update for mariadb to version 10.2.22 fixes the following issues: Security issues fixed bsc1122198: - CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service. - CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise and lead to...
openSUSE Security Update : qpdf (openSUSE-2018-176)
This version update for qpdf to 7.1.1 fixes the following issues: - Update to version 7.1.1 - Fix one linearization bug affecting files whose first /ID component is not 16 bytes long - Update to version 7.1.0 - Allow raw encryption key to be specified in library and command line with the...