Linux Distros Unpatched Vulnerability : CVE-2023-53373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free dat...

PT-2025-37483

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's crypto/arm/poly1305 module where register corruption can occur in non-SIMD contexts. This issue arises from the removal of a SIMD usability check,...

CVE-2025-39777 crypto: acomp - Fix CFI failure due to type punning

In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - Fix CFI failure due to type punning To avoid a crash when control flow integrity is enabled, make the workspace "stream" free function use a consistent type, and call it through a function pointer that has that sa...

Linux Distros Unpatched Vulnerability : CVE-2025-38590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an...

Linux Distros Unpatched Vulnerability : CVE-2024-26877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling cryptofinalizerequest, BH shoul...

Linux Distros Unpatched Vulnerability : CVE-2021-47056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADFSTATUSPFRUNNING should be set after adfdevinit ADFSTATUSPFRUNNING is only...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm – injects an error before stopping the queue. The master OOO cannot be completely closed when the accelerator core reports a memory error. Therefore, the driver needs to inject the qm error to close the maste...

CVE-2024-53162

Linux kernel vulnerability CVE-2024-53162 in crypto: qat/qat_4xxx driver. Off-by-one in uof_get_name() can trigger out-of-bounds read when iterating fw_objs[] (/fw_objs has num_objs elements). The fix changes a comparison from > to >= to prevent reading beyond the array. No exploitation det...

DEBIAN-CVE-2024-47732

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The freedevicecompressionmodeiaadevice, devicemode function frees "devicemode" but it iss passed to iaacompressionmodesi-free a few lines later resulting in a use after free. The goo...

kernel: crypto: bcm - Fix pointer arithmetic

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2dumpomd value of ptr is increased by ciphkeylen instead of hashivlen which could lead to going beyond the buffer boundaries. Fix this bug by changing ciphkeylen to hashivlen. Found by...

kernel: crypto: bcm - Fix pointer arithmetic

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2dumpomd value of ptr is increased by ciphkeylen instead of hashivlen which could lead to going beyond the buffer boundaries. Fix this bug by changing ciphkeylen to hashivlen. Found by...

CVE-2024-43815 crypto: mxs-dcp - Ensure payload is zero when using key slot

In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory through the payload field when running AES with a key from one of the hardware's key slots. Fix this by ensuring the payload field is set to ...

SUSE CVE-2024-39478

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations...

kernel: local dos vulnerability in scatterwalk_copychunks

A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their...

DEBIAN-CVE-2023-52813

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATARESET We found a hungtask bug in testaeadveccfg as follows: INFO: task cryptomgrtest:391009 blocked for more than 120 seconds. "echo 0 /proc/sys/kernel/hungtasktimeoutsecs" disables this...

The vulnerability of the sun8i-ce_cipher_do_one() function in the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c file of the Allwinner Crypto Engine driver for the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the sun8icecipherdoone function in the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c file of the Allwinner Crypto Engine driver for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker...

DEBIAN-CVE-2021-47056

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADFSTATUSPFRUNNING should be set after adfdevinit ADFSTATUSPFRUNNING is only used and checked by adfvf2pfshutdown before calling adfiovputmsg-mutexlockvf2pflock, however the vf2pflock is initialized in adfdevinit,...

SUSE CVE-2018-14619

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each afalgctx was freed instead of when the aeadtfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bein...

PT-2022-36386 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.225 Description: The issue concerns a potential race in kcm tx work. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.4.225, update ...

NVIDIA Jetson 资源管理错误漏洞

Nvidia NVIDIA Jetson is an embedded system development module from Nvidia Corporation. A resource management error vulnerability exists in various NVIDIA Jetson software, which originates from a post-release reuse error in the kernel crypto node. An attacker could exploit this vulnerability to...