DEBIAN-CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

CVE-2017-17806

CVE-2017-17806 affects the Linux kernel before 4.14.8. The HMAC implementation (crypto/hmac.c) does not validate that the underlying hash algorithm is unkeyed, allowing a local attacker who can use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and SHA-3 (CONFIG_CRYPTO_SHA3) to tri...

CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

PT-2017-15012 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.8 Description: The HMAC implementation in the Linux kernel does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker to cause a kernel stack buffer overflow by...

UBUNTU-CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

Timing Attacks

woocommerce is vulnerable to timing attacks. The library is vulnerable because it does not compare HMACs in constant-time, which allows malicious users to use the timing of the request to progressively identify a valid HMAC hashes...

CVE-2017-11059

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow...

CVE-2017-11059

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow...

CVE-2017-11059

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow...

Timing Attack

namshi/jose is vulnerable to timing attack. The vulnerability exists because it does not use a constant-time comparison when verifying HMAC values...

Timing Attack

jetpack is vulnerable to timing attacks. This vulnerability is caused because the HMAC hashes are not compared in constant time, allowing malicious users to guess the valid HMAC hashes based on the time that a comparison takes...

CVE-2017-7524

tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC...

Proof that HMAC-DRBG has No Back Doors

New research: "Verified Correctness and Security of mbedTLS HMAC-DRBG," by Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, and Andrew W. Appel. Abstract: We have formalized the functional specification of HMAC-DRBG NIST 800-90A, and we have proved its...

PYSEC-2017-24

In PyJWT 1.5.0 and below the invalidstrings check in HMACAlgorithm.preparekey does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string -----BEGIN RSA PUBLIC KEY----- which is not accounted for. This enable...

Padding Oracle Attack

nimbus-jose-jwt is vulnerable to padding oracle attacks. It does not act correctly if an invalid HMAC is detected in authenticated AES-CBC decryption...

Authentication Bypass

nimbus-jose-jwt is vulnerable to authentication bypass. The bypass exists because the library ignores the checking of integer-overflow when converting length values from bytes to bits. A malicious user can shift Additional Authenticated Data AAD and ciphertext, resulting in a different plaintext...

Nimbus JOSE+JWT Security Bypass Vulnerability

Nimbus JOSE+JWT is an open source Java library . Nimbus JOSE+JWT fails to perform integer overflow detection, allowing remote attackers to exploit vulnerabilities to perform HMAC bypass attacks by sniffing AAD and ciphertext...

Integer overflow

In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data AAD and ciphertext so that different plaintext is obtained for the same HMAC...

CVE-2017-12972

In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data AAD and ciphertext so that different plaintext is obtained for the same HMAC...