Linux Distros Unpatched Vulnerability : CVE-2009-0217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools...
DEBIAN-CVE-2022-49339
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport __init-annotated seg6_hmac_init(). EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a fre...
UBUNTU-CVE-2022-49339
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport __init-annotated seg6_hmac_init(). EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a fre...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from seg6_hmac_init being marked as __init and exported, which could cause the kernel to crash...
SUSE CVE-2024-9355
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...
python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
A flaw was discovered in python-cryptography. A NULL pointer dereference can be triggered when a PKCS12 key and certificate do not match. Specifically, if the pkcs12.serialize_key_and_certificates function is called with a non-matching certificate and private key and an encryption algorithm with...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fixed a memory leak in seg6_hmac_init_algo. seg6_hmac_init_algo returns without cleaning up previously allocated memory. If this happens, all that memory will be leaked, potentially causing issues with crypto-related function...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fixed an invalid unregister error path. The error path of seg6_init is incorrect when the CONFIG_IPV6_SEG6_LWTUNNEL configuration option is not defined. In such cases, if seg6_hmac_init fails, the genl_unregister_family...
CVE-2024-53356
Weak JWT Secret vulnerability in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote attackers to generate JWT for privilege escalation. The HMAC secret used for generating tokens is hardcoded as "somerandomaccesstoken". A weak HMAC secret poses a risk because attackers can use the...
CVE-2024-21461
Memory corruption while performing finish HMAC operation when context is freed by keymaster...
PT-2025-2960 · Easyvirt · Easyvirt Dcscope
Name of the Vulnerable Software and Affected Versions: EasyVirt DCScope versions 8.6.0 and earlier; CO2Scope versions 1.3.0 and earlier. Description: The issue allows remote attackers to generate JSON Web Tokens (JWTs) for privilege escalation due to a weak JWT secret. The HMAC secret used for...
SUSE CVE-2025-21640
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy. As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
AZL-57232 CVE-2025-21640 affecting package kernel for versions less than 5.15.179.1-1
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy. As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
DEBIAN-CVE-2025-21640
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy. As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
UBUNTU-CVE-2025-21640
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy. As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
CVE-2025-21640
Summary (CVE-2025-21640): In the Linux kernel, the sctp: sysctl: cookie_hmac_alg path was fixed to avoid using current->nsproxy. The root cause involved dereferencing current->nsproxy (which can be NULL, e.g., when the task is exiting), leading to an Oops condition. The patch replaces the ...
CVE-2025-21640
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy. As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
BIT-PYTHON-MIN-2022-48566
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from insufficient error checking in the ahash_hmac_init function in the crypto:bcm module...
The vulnerability of the tpm_buf_check_hmac_response() function in the Linux operating system’s TPM kernel allows a hacker to induce a service failure.
The vulnerability of the tpm_buf_check_hmac_response function in the drivers/char/tpm/tpm2-sessions.c file of the Trusted Platform Module (TPM) driver for the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a servic...