48 matches found
SUSE CVE-2026-46283
In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() tpm_dev_release() uses plain kfree() to free chip->auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...
CVE-2026-46283
In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() tpm_dev_release() uses plain kfree() to free chip->auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tpm_dev_release function not properly releasing the authentication session using kfree_sensitive,...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings. Replace memzero_explicit() and kfree() with kfree_sensitive() to fix the warnings reported by Coccinelle: WARNING opportunity for kfree_sensitive/kvfree_sensitive line 1506 WARNI...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005085)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005085 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that...
UBUNTU-CVE-2025-71151
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3_reconfigure() In smb3_reconfigure(), if smb3_sync_session_ctx_passwords() fails, the function returns immediately without freeing and erasing the newly allocated new_password and new_password2. Thi...
CVE-2025-71151
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3_reconfigure() In smb3_reconfigure(), if smb3_sync_session_ctx_passwords() fails, the function returns immediately without freeing and erasing the newly allocated new_password and new_password2. Thi...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989565)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989565 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989804)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989804 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990291)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990291 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that...
EUVD-2022-54968
Malicious code in bioql PyPI...
SUSE CVE-2022-49258
In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free. We can call kfree_sensitive() after...
CVE-2022-49258
In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free. We can call kfree_sensitive() after...
DEBIAN-CVE-2022-49258
In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free. We can call kfree_sensitive() after...
CVE-2022-49258 crypto: ccree - Fix use after free in cc_cipher_exit()
In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free. We can call kfree_sensitive() after...
CVE-2022-49258
The CVE-2022-49258 issue is in the Linux kernel crypto/ccree: a use-after-free in cc_cipher_exit() where ctx_p->user.key is freed by kfree_sensitive() but still used on the following line. The fix prevents UAF by moving kfree_sensitive(ctx_p->user.key) after dev_dbg(), effectively ensuring ...
CVE-2022-49258 crypto: ccree - Fix use after free in cc_cipher_exit()
In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free. We can call kfree_sensitive() after...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher – The key buffer is zeroed after use. I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroed once they are no longer needed. This is achieved by using...
nvmet-auth: assign dh_key to NULL after kfree_sensitive
...
PT-2026-4364
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the smb3 reconfigure function. Specifically, if the smb3 sync session ctx passwords function fails, the function prematurely returns without...