11 matches found
UBUNTU-CVE-2026-39833
The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001039)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001039 advisory. The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001073)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001073 advisory. The keyringdetectcycleiterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, whi...
SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for gpg2 (SUSE-SU-2025:02259-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02259-1 advisory. - CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring bsc1239119. Other bugfixes: - Do no...
SUSE-SU-2025:20472-1 Security update for gpg2
This update for gpg2 fixes the following issues: - CVE-2025-30258: Fix a verification DoS due to a malicious subkey in the keyring: bsc1239119, bsc1236931 gpg: Fix regression for the recent malicious subkey DoS fix. gpg: Fix another regression due to the T7547 fix. gpg: Allow the use of an ADSK...
Security update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed a verification DoS due to a malicious subkey in the keyring. bsc1239119 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...
CVE-2012-6111
gnome-keyring does not discard stored secrets when using gnomekeyringlockallsync function...
CVE-2022-49897
Removed by vendor...
Security update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring bsc1239119 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Linux Distros Unpatched Vulnerability : CVE-2024-50301
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - security/keys: fix slab-out-of-bounds in keytaskpermission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in kuidval...
Amazon Linux AMI : gnupg2 (ALAS-2015-574)
It was reported that gnupg2 keyring DB code did not reject packets which don't belong into a keyring, which may lead to invalid read of sizeof int. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory...