9 matches found
CVE-2022-49899
In the Linux kernel, the following vulnerability has been resolved: fscrypt: stop using keyrings subsystem for fscryptmasterkey The approach of fs/crypto/ internally managing the fscryptmasterkey structs as the payloads of "struct key" objects contained in a "struct key" keyring has outlived its...
CVE-2022-49899
CVE-2022-49899 concerns the Linux kernel’s fscrypt handling of fscrypt_master_key. The connected docs describe a fix that stops storing fscrypt_master_key structs as payloads inside the keyrings subsystem and instead keeps them in a regular kernel data structure with revised reference counting an...
CVE-2022-49899 fscrypt: stop using keyrings subsystem for fscrypt_master_key
In the Linux kernel, the following vulnerability has been resolved: fscrypt: stop using keyrings subsystem for fscryptmasterkey The approach of fs/crypto/ internally managing the fscryptmasterkey structs as the payloads of "struct key" objects contained in a "struct key" keyring has outlived its...
From Cyber Threat to Data Shield: Constructing Provably Secure File Erasure with Repurposed Ransomware Cryptography
Ransomware has emerged as a persistent cybersecurity threat,leveraging robust encryption schemes that often remain unbroken even after public disclosure of source code. Motivated by the technical resilience of such mechanisms, this paper presents SEER Secure and Efficient Encryption-based Erasure...
SUSE CVE-2012-4292
The dissectstunmessage function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial ...
Key transfer will destroy key if from==to
Handle kenzo Vulnerability details If calling transferFrom with from == recipient, the key will get destroyed meaning the key will be set as expired and set the owner's key to be 0. Impact A key manager or approved might accidently destroy user's token. Note: this requires user error and so I'm n...
wireshark: crash in STUN dissector (wnpa-sec-2012-21)
The dissectstunmessage function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial ...
DEBIAN-CVE-2012-4292
The dissectstunmessage function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial ...
UBUNTU-CVE-2012-4292
The dissectstunmessage function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial ...