Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmac: cfg80211 – Pass the PMK in binary instead of hex. It appears that the hex-based passphrase mechanism does not work on newer chips/firmwares e.g., BCM4387. There was actually a simpler way to pass the data in binary,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013789)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013789 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase...

CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

Linux Distros Unpatched Vulnerability : CVE-2020-17497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eapol.c in iNet wireless daemon IWD through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4. CVE-2020-17497 Note that Nessus...

RHEL 5 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wpasupplicant: local configuration update allows privilege escalation CVE-2016-4477 - wpasupplicant:...

CVE-2017-13077

A new exploitation technique called key reinstallation attacks KRACKs affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key PTK-TK during a...

openssl security and bug fix update

1.0.2k-19.0.1 - Bump release for rebuild. 1.0.2k-19 - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel 1649568 1.0.2k-18 - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done...

wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake

A new exploitation technique called key reinstallation attacks KRACKs affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key PTK-TK during a...

wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake

A new exploitation technique called key reinstallation attacks KRACKs affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key PTK-TK during a...

WPA2 Wireless Network TPK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A TPK key vulnerability exists in WPA2 wireless networks when reinstalling a tunneled direct connection setting PeerKey in the TDLS handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II...

Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II

On October 16, 2017, a research paper with the title “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” was made publicly available. This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi Protected Access WPA and the Wi-Fi Protected Access II WPA2...