17 matches found
CVE-2026-52936
A flaw was found in the Linux kernel's jitterentropy cryptographic module. A long-held spinlock during entropy collection could cause parallel readers to stall. This issue allows a local attacker to trigger a Denial of Service DoS by causing contention for the shared lock, making the system...
CVE-2026-52936
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
UBUNTU-CVE-2026-52936
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
EUVD-2026-38706
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
CVE-2026-52936
The CVE-2026-52936 entry describes a Linux kernel fix in crypto/jitterentropy where the jent_kcapi_random() path previously held a spinlock across jent_read_entropy(), causing potential stalls during entropy generation. The vulnerability arises because this spinlock protected an expensive operati...
CVE-2026-52936
In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...
PT-2026-51729
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The jent kcapi random function serializes the shared jitterentropy state by holding a spinlock during the jent read entropy call. Because this process involves expensive jitter collectio...
Linux Distros Unpatched Vulnerability : CVE-2026-52936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock acros...
jitterentropy bug fix and enhancement update
An update is available for jitterentropy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2024-28835: certtool crash when verifying a certificate chain bsc1221747 CVE-2024-28834: Fixed side-channel in the deterministic ECDSA bsc1221746 jitterentropy: Release the memory of the entropy collector when using jitterentropy with phtread...
SUSE-SU-2025:20017-1 Security update for gnutls
This update for gnutls fixes the following issues: - CVE-2024-28835: certtool crash when verifying a certificate chain bsc1221747 - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA bsc1221746 - jitterentropy: Release the memory of the entropy collector when using jitterentropy with...
SUSE-SU-2025:20014-1 Security update for openssl-3, libpulp, ulp-macros
This update for openssl-3, libpulp, ulp-macros fixes the following issues: openssl-3: - CVE-2024-6119: possible denial of service in X.509 name checks bsc1229465 - CVE-2024-5535: SSLselectnextproto buffer overread bsc1227138 - CVE-2024-4741: Fixed a use-after-free with SSLfreebuffers bsc1225551 -...
SUSE-SU-2024:3106-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2024-6119: Fixed denial of service in X.509 name checks bsc1229465 Other fixes: - FIPS: Deny SHA-1 signature verification in FIPS provider bsc1221365. - FIPS: RSA keygen PCT requirements. - FIPS: Check that the fips provider is available...
SUSE SLES15: gnutls / libgnutls-devel / libgnutls30 / libgnutls30-32bit / etc (SUSE-SU-2024:1271-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1271-2 advisory. - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA bsc1221746 - CVE-2024-28835: Fixed denial of service during...
SUSE-SU-2024:1271-3 Security update for gnutls
This update for gnutls fixes the following issues: - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA bsc1221746 - CVE-2024-28835: Fixed denial of service during certificate chain verification bsc1221747 Other fixes: - jitterentropy: Release the memory of the entropy collector when...
jitterentropy bug fix and enhancement update
An update is available for jitterentropy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...
new packages: jitterentropy
An update is available for jitterentropy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...