EUVD-2026-39565

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: A test for maclen should be performed before reading the MAC header. The LLC layer reads the MAC header using ethhdr, without verifying that the skb contains an Ethernet header. Syzbot was able to access the llcrcv functi...

CVE-2026-5500

wolfSSL's wcPKCS7DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ca8210: Fix for negative array access to maclen This patch addresses a buffer overflow issue where skb-data is accessed if ieee802154hdrpeekaddrs fails...

Tenda AX1806 sub_65B5C function stack buffer overflow vulnerability

The Tenda AX1806 is a WiFi6 wireless router from Tenda China. The Tenda AX1806 suffers from a stack buffer overflow vulnerability that stems from the mac parameter of the sub65B5C function failing to properly validate the length size of the input data, which can be exploited by an attacker to cau...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990478)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990478 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988754 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989959)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989959 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without...

Linux Distros Unpatched Vulnerability : CVE-2023-52843

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without verifying that the skb has an Ethernet header. Syzbot was able to ent...

SUSE CVE-2023-53040

In the Linux kernel, the following vulnerability has been resolved: ca8210: fix maclen negative array access This patch fixes a buffer overflow access of skb-data if ieee802154hdrpeekaddrs fails...

DEBIAN-CVE-2023-53040

In the Linux kernel, the following vulnerability has been resolved: ca8210: fix maclen negative array access This patch fixes a buffer overflow access of skb-data if ieee802154hdrpeekaddrs fails...

UBUNTU-CVE-2023-53040

In the Linux kernel, the following vulnerability has been resolved: ca8210: fix maclen negative array access This patch fixes a buffer overflow access of skb-data if ieee802154hdrpeekaddrs fails...

CVE-2024-56648

Overview: CVE-2024-56648 is a Linux kernel vulnerability in the HSR net path that is resolved by extending bounds checking in fill_frame_info(). Affected component: Linux kernel, net/hsr/hsr_forward.c (function fill_frame_info). Root cause: fill_frame_info() depended on skb->mac_len without ha...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmiunregisterfunction CVE-2023-52840 In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header CVE-2023-52843 I...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmiunregisterfunction CVE-2023-52840 In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header CVE-2023-52843 I...

UBUNTU-CVE-2023-52843

In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llcrcv on a tun device. Tun can insert packets without mac len and...

SUSE CVE-2015-1798

The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC...

Missing Cryptographic Step in OWASP Enterprise Security API for Java

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API ESAPI for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protectio...

DEBIAN-CVE-2015-1798

The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC...

CVE-2013-5679

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API ESAPI for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protectio...