9 matches found
Libgcrypt 1.12.2
Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers AES, DES, Blowfish, CAST5, Twofish, and Arcfour, hash algorithms MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192, MACs HMAC for all hash...
UBUNTU-CVE-2026-23364
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp with the correct function, cryptomemneq...
PT-2025-37483
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's crypto/arm/poly1305 module where register corruption can occur in non-SIMD contexts. This issue arises from the removal of a SIMD usability check,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of SIMD availability checking, which could lead to register corruption or miscalculated MACs...
PT-2025-37485
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's poly1305 function within the arm64/poly1305 module. The issue involves register corruption in contexts where Single Instruction Multiple Data SIMD i...
CLSA-2025-1739812201 Fix CVE(s): CVE-2024-3596
SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 debian/control: add package Recommends to krb5-doc...
Nextcloud Server File Block Overwrite Vulnerability (NC-SA-2020-038)
Nextcloud Server is prone to a vulnerability where Message Authentication Codes calculated by the Default Encryption Module allow an attacker to silently overwrite blocks in a file. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and...
Message Authentication Codes calculated by the Default Encryption Module allow an attacker to silently overwrite blocks in a file (NC-SA-2020-038)
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...
Nextcloud: Message Authentication Codes calculated by the Default Encryption Module allow an attacker to silently overwrite blocks in a file
First: The default encryption module bundled with the Nextcloud Server creates SHA256-HMAC based message authentication codes for each individual 6072 byte-sized block of data. These are the steps to calculate the MAC: Take the user password and harden it with SHA256-PBKDF2 denoted as $passPhrase...