8 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the PasswordHash API endpoint. An attacker can exhaust server memory and cause service disruption by sending multiple concurrent requests to trigger excessive memory allocation...
SUSE SLES15 Security Update : kernel (Live Patch 36 for SLE 15 SP4) (SUSE-SU-2025:02897-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02897-1 advisory. This update for the Linux Kernel 5.14.21-15040024150 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID:...
Linux Distros Unpatched Vulnerability : CVE-2022-49911
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: enforce documented limit to prevent allocating huge memory Daniel Xu...
Linux Distros Unpatched Vulnerability : CVE-2017-17806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing ...
UBUNTU-CVE-2025-38079
In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...
SUSE CVE-2017-17806
The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...
kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service
The HMAC implementation crypto/hmac.c in the Linux kernel, before 4.14.8, does not validate that the underlying cryptographic hash algorithm is unkeyed. This allows a local attacker, able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3, ...
UBUNTU-CVE-2017-17806
The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...