129 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: fscrypt: stopped using the keyring subsystem for fscryptmasterkey. The approach of having fs/crypto/ manage the fscryptmasterkey structures internally as payloads of “struct key” objects contained in a “struct key” keyring has...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: X.509: Fixed an out-of-bounds access issue when parsing extensions. Leo reports an out-of-bounds access issue when parsing a certificate with empty Basic Constraints or Key Usage extensions. This occurs because the first byte of...
SUSE CVE-2026-31430
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
CVE-2026-31430
A flaw was found in the Linux kernel. An unprivileged user can exploit this vulnerability by submitting a specially crafted X.509 certificate to the kernel through the keyrings7 application programming interface API. This certificate, specifically when containing empty Basic Constraints or Key...
EUVD-2026-23819
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
CVE-2026-31430
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
CVE-2026-31430
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
CVE-2026-31430
CVE-2026-31430 affects the Linux kernel: X.509 extensions parsing could read the first byte of an extension before checking length, causing out-of-bounds access. The vulnerability can be triggered by an unprivileged user submitting a crafted certificate via the keyrings(7) API. A PoC exists. The ...
CVE-2026-31430 X.509: Fix out-of-bounds access when parsing extensions
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
Linux Distros Unpatched Vulnerability : CVE-2026-31430
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage...
PT-2026-33747
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs when parsing X.509 certificates containing empty Basic Constraints or Key Usage extensions. This happens because the first byte of the extension is read...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001614)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001614 advisory. In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003013)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003013 advisory. In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003088)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003088 advisory. It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002042)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002042 advisory. Race condition in the installuserkeyrings function in security/keys/processkeys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service NU...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989619)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989619 advisory. In the Linux kernel, the following vulnerability has been resolved: fscrypt: stop using keyrings subsystem for fscryptmasterkey The approach of fs/crypto/ internally...
EUVD-2017-9397
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987032)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987032 advisory. In the Linux kernel, the following vulnerability has been resolved: fscrypt: stop using keyrings subsystem for fscryptmasterkey The approach of fs/crypto/ internally...
EUVD-2025-12875
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-18270
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of...