Linux Distros Unpatched Vulnerability : CVE-2023-50979

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypto++ aka cryptopp through 8.9.0 has a Marvin side channel during decryption with PKCS1 v1.5 padding. CVE-2023-50979 Note that Nessus relies on the presence ...

Linux Distros Unpatched Vulnerability : CVE-2019-12422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Shiro before 1.4.2, when using the default remember me configuration, cookies could be susceptible to a padding attack. CVE-2019-12422 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2023-5981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct...

kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...

SUSE CVE-2025-38613

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on the stack frame being copyied back to userspace in function...

CVE-2025-38613

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on the stack frame being copyied back to userspace in function...

UBUNTU-CVE-2025-38613

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on the stack frame being copyied back to userspace in function...

CVE-2025-38613 staging: gpib: fix unset padding field copy back to userspace

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on the stack frame being copyied back to userspace in function...

CVE-2025-38613 staging: gpib: fix unset padding field copy back to userspace

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on the stack frame being copyied back to userspace in function...

CVE-2025-38613

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on the stack frame being copyied back to userspace in function...

CVE-2025-38613

CVE-2025-38613 affects the Linux kernel (staging gpib). The issue is that a padding field in the gpib_board_info_ioctl struct was copied back to userspace uninitialized, risking leakage of stack data. The fix initializes the entire struct to zero before copying back to userspace. Affected compone...

PT-2025-33811 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the staging/gpib subsystem where an uninitialized padding field within the gpib board info ioctl structure is copied back to userspace via the boa...

Linux Distros Unpatched Vulnerability : CVE-2022-43598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially craft...

Linux Distros Unpatched Vulnerability : CVE-2017-15139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to...

Linux Distros Unpatched Vulnerability : CVE-2016-1000345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environmen...

OESA-2025-2001 perl-Crypt-OpenSSL-RSA security update

encoding and decoding according to using the openSSL libraries Security Fixes: A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an...

Linux Distros Unpatched Vulnerability : CVE-2024-44973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm, slub: do not call doslabfree for kfence object In 782f8906f805 the freeing of kfence...

kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...

kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : opensc (SUSE-SU-2025:02754-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02754-1 advisory. - CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS1 padding bsc1219386. Tenable h...