2926 matches found

OSV
added 2025/07/20 7:15 p.m., 0 views

UBUNTU-CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS7 padding mode is used...

CVSS 4, AI score 5.8, EPSS 0.00379
Exploits 1, References 3

Snyk
added 2025/07/20 6:47 p.m., 2 views

Covert Timing Channel

Overview: Affected versions of this package are vulnerable to Covert Timing Channel in block cipher padding removal. An attacker can recover plaintext data by exploiting timing discrepancies during decryption when PKCS7 padding mode is used. Remediation: Upgrade mbedtls to version 3.6.4 or higher...

CVSS 6.3, AI score 6.9, EPSS 0.00379
Exploits 1, References 2

Vulnrichment
added 2025/07/20 12:00 a.m., 4 views

CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS7 padding mode is used...

CVSS 4, AI score 6.2, EPSS 0.00379
Exploits 1, References 2

Cvelist
added 2025/07/20 12:00 a.m., 12 views

CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS7 padding mode is used...

CVSS 4, EPSS 0.00379
Exploits 1, References 2

AlpineLinux
added 2025/07/20 12:00 a.m., 9 views

CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS7 padding mode is used...

CVSS 4, AI score 7.1, EPSS 0.00379
Exploits 1

RedHat Linux
added 2025/07/16 6:06 a.m., 7 views

kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram(). struct vmci_event_qp allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...

CVSS 5.5, AI score 6.3, EPSS 0.0018
Exploits 0, References 5

RedHat Linux
added 2025/07/16 5:49 a.m., 2 views

kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram(). struct vmci_event_qp allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...

CVSS 5.5, AI score 6.3, EPSS 0.0018
Exploits 0, References 5

Packet Storm News
added 2025/07/05 12:00 a.m., 4 views

S-Leak: Leakage-Abuse Attack against Efficient Conjunctive SSE Via S-Term Leakage

Conjunctive Searchable Symmetric Encryption (CSSE) enables secure conjunctive searches over encrypted data. While leakage-abuse attacks (LAAs) against single-keyword SSE have been extensively studied, their extension to conjunctive queries faces a critical challenge: the combinatorial explosion of...

AI score 7
Exploits 0

RedhatCVE
added 2025/07/04 8:27 p.m., 11 views

CVE-2025-34091

A padding oracle vulnerability exists in Google Chrome’s AppBound cookie encryption mechanism due to observable decryption failure behavior in Windows Event Logs when handling malformed ciphertext in SYSTEM-DPAPI-encrypted blobs. A local attacker can repeatedly send malformed ciphertexts to the...

CVSS 8.8, AI score 5.6
Exploits 0, References 1

OSV
added 2025/07/03 1:56 p.m., 2 views

CLSA-2025-1751551010 Update of nss

Allow RSA-OAEP in FIPS mode...

AI score 5.8
Exploits 0, References 1

CNNVD
added 2025/07/03 12:00 a.m., 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper initial mapping padding of netfilter nf_set_pipapo_avx2, which could lead to information disclosure...

CVSS 5.5, AI score 6.8, EPSS 0.00156
Exploits 0, References 7

NVD
added 2025/07/02 8:15 p.m., 6 views

CVE-2025-34091

Rejected reason: Neither filed by Chrome nor a valid security vulnerability...

Exploits 0

Cvelist
added 2025/07/02 7:25 p.m., 8 views

CVE-2025-34091

...

Exploits 0

Vulnrichment
added 2025/07/02 7:25 p.m., 3 views

CVE-2025-34091 Chrome Cookie Encryption Bypass via Padding Oracle Attack on AppBound Encryption

A padding oracle vulnerability exists in Google Chrome’s AppBound cookie encryption mechanism due to observable decryption failure behavior in Windows Event Logs when handling malformed ciphertext in SYSTEM-DPAPI-encrypted blobs. A local attacker can repeatedly send malformed ciphertexts to the...

CVSS 8.8, AI score 6.3
Exploits 0, References 2

CVE
added 2025/07/02 7:25 p.m., 22 views

CVE-2025-34091

CVE-2025-34091 describes a padding oracle vulnerability in Google Chrome’s AppBound cookie encryption, due to DPAPI decryption error reporting in Windows Event Logs. A local attacker can send malformed SYSTEM-DPAPI ciphertext to Chrome’s elevation service, distinguish padding vs MAC errors, and p...

CVSS 8.8, AI score 5.8
Exploits 0

Positive Technologies
added 2025/07/02 12:00 a.m., 3 views

PT-2025-27672 · Google · Google Chrome

Name of the Vulnerable Software and Affected Versions: Google Chrome (affected versions not specified). Description: A padding oracle vulnerability exists in Google Chrome's AppBound cookie encryption mechanism. This issue arises due to observable decryption failure behavior in Windows Event Logs wh...

CVSS 8.8, AI score 5.5
Exploits 0, References 8

Positive Technologies
added 2025/06/30 12:00 a.m., 2 views

PT-2025-30211 · Arm · Mbed TLS

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions 3.6.1 through 3.6.3. Description: A timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS7 padding mode is used. Recommendations: Update to version 3.6.4 or later...

CVSS 4, AI score 6.2, EPSS 0.00379
Exploits 1, References 14

OSV
added 2025/06/27 1:16 p.m., 2 views

OESA-2025-1673 perl-Crypt-OpenSSL-RSA security update

encoding and decoding according to using the openSSL libraries Security Fixes: A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an...

CVSS 5.9, AI score 6.8, EPSS 0.00516
Exploits 0, References 2

Tenable Nessus
added 2025/06/27 12:00 a.m., 3 views

SUSE SLES12 Security Update : perl-Crypt-OpenSSL-RSA (SUSE-SU-2025:01887-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01887-1 advisory. - CVE-2024-2467: Side-channel attack in PKCS1 v1.5 padding mode (Marvin Attack) (bsc#1221446). Tenable has extracted the preceding description block directl...

CVSS 5.9, AI score 5.9, EPSS 0.00516
Exploits 0, References 4

RedhatCVE
added 2025/06/23 8:41 a.m., 2 views

CVE-2025-49824

conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.47.1, the travis_encrypt_binstar_token implementation in the conda-smithy package has been identified as vulnerable to an Oracle Padding Attac...

CVSS 6.3, AI score 6.8, EPSS 0.00244
Exploits 0, References 1