Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2026/06/08 2:12 a.m.12 views

libssh: Incorrect Return Code Handling in ssh_kdf() in libssh

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.6AI score0.00407EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005085)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005085 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that...

4.1CVSS6.8AI score0.00228EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989804)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989804 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that...

4.1CVSS6.3AI score0.00228EPSS
Exploits0References3
OSV
OSV
added 2025/10/07 5:12 p.m.6 views

CLSA-2025-1759857168 libssh: Fix of CVE-2025-5372

CVE-2025-5372: uninitialized key buffers caused by inconsistent sshkdf return value...

8.8CVSS6.8AI score0.00407EPSS
Exploits0References1
OSV
OSV
added 2025/10/01 2:54 p.m.10 views

CLSA-2025-1759330475 libssh: Fix of CVE-2025-5372

CVE-2025-5372: uninitialized key buffers caused by inconsistent sshkdf return value...

8.8CVSS6.8AI score0.00407EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher – The key buffer is zeroed after use. I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroed once they are no longer needed. This is achieved by using...

4.1CVSS6.3AI score0.00228EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/08/06 1:58 a.m.4 views

SUSE CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.5AI score0.00228EPSS
Exploits0References17
OSV
OSV
added 2024/07/30 8:15 a.m.16 views

AZL-47204 CVE-2024-42229 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.5AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/07/30 8:15 a.m.3 views

DEBIAN-CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS5.6AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/07/30 8:15 a.m.7 views

AZL-47100 CVE-2024-42229 affecting package kernel for versions less than 5.15.164.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.5AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/07/30 8:15 a.m.3 views

UBUNTU-CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

4.1CVSS6.3AI score0.00228EPSS
Exploits0References34
Rows per page
Query Builder