Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: cifs: Return the correct error code from smb2getenckey Avoid a warning if the error is passed back up: 440700.376476 CIFS VFS: \otters.example.com cryptmessage: Could not get encryption key 440700.386947 ------------ Cut here...

SUSE-SU-2026:20825-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fix DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fix HTTP header parameter parsing algorithm bsc1254904 - Fixed KeyError i...

CVE-2022-23003

When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations. This may be...

EUVD-2022-55509

Malicious code in bioql PyPI...

DEBIAN-CVE-2022-50243

In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. The old shkey will be freeed while it's still used as active key in...

CVE-2022-50243

CVE-2022-50243 – Linux kernel SCTP use-after-free (summary from connected advisories) The vulnerability arises in SCTP when an error is returned from sctp_auth_asoc_init_active_key(): the old sh_key could be freed while still in use as the active key, leading to a use-after-free during packet sen...

CVE-2024-49847

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE...

Cannot create hosting connection for AWS "Failed to connect the AWS EC2 endpoint URL"

On entering API key and Secret key with Role Based Authentrication for AWS get the following error: Transaction ID:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Action Name: HostingEditHypervisorConnection Exception: StudioErrorId : ConnectionValidationFailure Reason : ManagedMachineGeneralException Exception :...

CVE-2024-38404

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem...

CVE-2024-54137 liboqs has a correctness error in HQC decapsulation

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is incorrectly treat...

CVE-2024-26841 LoongArch: Update cpu_sibling_map when disabling nonboot CPUs

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpusiblingmap when disabling nonboot CPUs Update cpusiblingmap when disabling nonboot CPUs by defining & calling clearcpusiblingmap, otherwise we get such errors on SMT systems: jump label: negative count!...

kernel: sctp: handle the error returned from sctp_auth_asoc_init_active_key

In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. The old shkey will be freeed while it's still used as active key in...

SUSE CVE-2019-10876

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those...

SUSE CVE-2020-13132

An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free in the ykpivutilgeneratekey function in lib/util.c through incorrect error handling code. This could be used to cause a denial of service attack...

KB5021657: Out-of-band update for Windows Server 2008 SP2: November 17, 2022

KB5021657: Out-of-band update for Windows Server 2008 SP2: November 17, 2022 Summary This update includes improvements for the following issue: Addresses a known issue that affects Windows Servers that have the Domain Controller DC role. They might have Kerberos authentication issues if both of t...

PT-2022-35103 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to handling the error returned from sctp auth asoc init active key. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

SUSE-SU-2018:0384-1 Security update for mariadb

This update for mariadb to version 10.0.33 fixes several issues. These security issues were fixed: - CVE-2017-10378: Vulnerability in subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL...

Active Perl Denial of Service Vulnerability (Windows)

The host is installed with Active Perl and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbactiveperldosvulnwin.nasl 6093 2017-05-10 09:03:18Z teissa $ Active Perl Denial of Service Vulnerability Windows Authors: Arun Kallavi Copyright: Copyright c 2013 Greenbone...

Fedora Core 3 : kernel-2.6.12-1.1376_FC3 (2005-821)

Fri Aug 26 2005 Dave Jones 2.6.12-1.1376FC3 - Better identify local builds. 159696 - Fix disk/net dump & netconsole. 152586 - Fix up sleeping in invalid context in sym2 driver. 164995 - Fix 'semaphore is not ready' error in snd-intel8x0m. - Restore hwclock functionality on some systems. 144894 -...