smb: client: fix potential UAF in cifs_dump_full_key()

...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed a potential Use-after-Free UAF in cifsdumpfullkey. Skipped sessions that are being terminated status == SESEXITING to avoid UAF...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifsdumpfullkey CVE-2024-35866 Affected Packages: kernel Issue Correction: Run dnf update kernel --releasever 2023.7.20250414 or dnf update --advisory ALAS2023-2025-938 --releasev...

AZL-54713 CVE-2024-35866 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifsdumpfullkey Skip sessions that are being teared down status == SESEXITING to avoid UAF...

PT-2024-3841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a potential use-after-free UAF vulnerability in the cifs dump full key function of the Linux kernel's SMB client implementation. This vulnerability may allow an...

GHSA-HX74-4WMC-FWVF Duplicate Advisory: EVE Has Partially Predetermined Vault Key

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wc42-fcjp-v8vq. This link is maintained to preserve external references. Original Description Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the...

CVE-2023-43637

Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the last 16 bytes predetermined to be "arfoobarfoobarfo". This issue happens because "deriveVaultKey" calls "retrieveCloudKey" which will always return "foobarfoobarfoobarfoobarfoobarfo...

EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2019-2430)

According to the versions of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in th...

CVE-2019-1547

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a group does not have...

CVE-2019-1547

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a group does not have...

Debian DSA-3960-1 : gnupg - security update

Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom discovered that GnuPG is prone to a local side-channel attack allowing full key recovery for RSA-1024. See https://eprint.iacr.org/2017/627 for...

Debian Security Advisory DSA 3901-1 (libgcrypt20 - security update)

Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom discovered that Libgcrypt is prone to a local side-channel attack allowing full key recovery for RSA-1024. See https://eprint.iacr.org/2017/627 for...

kernel: keys: NULL pointer deref in the user-defined key type

The userupdate function in security/keys/userdefined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kernel oops via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."...