CVE-2026-5419

A flaw was found in gnutls. The PKCS7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context CVE-2026-23102 In the Linu...

PT-2026-35016

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel due to uninitialized padding bytes in the build polexpire function. While the build expire function correctly clears trailing padding bytes of th...

netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD

...

SUSE CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

EUVD-2026-21957

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

CVE-2026-31428 netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

PT-2026-32354

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter nfnetlink log component allows the leak of stale heap contents to userspace via the NFLOG netlink socket. The function build packet message manually constructs th...

EUVD-2002-0336

Malware in sbrugna...

OPENSUSE-SU-2020:1970-1 Security update for tor

This update for tor fixes the following issues: Updating tor to a newer version in the respective codestream. - tor 0.3.5.12: Check channels+circuits on relays more thoroughly TROVE-2020-005, boo1178741 Not affected by out-of-bound memory access CVE-2020-15572, boo1173979 Fix DoS defenses on...

OPENSUSE-SU-2020:0428-1 Security update for tor

This update for tor to version 0.3.5.10 fixes the following issues: - tor was updated to version 0.3.5.10: - CVE-2020-10592: Fixed a CPU consumption denial of service and timing patterns boo1167013 - CVE-2020-10593: Fixed a circuit padding memory leak boo1167014 This update was imported from the...

kernel: information leak in sigaltstack

The dosigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack...