Astra Linux - уязвимость в openssl

Issue summary: Checking excessively long DH keys or parameters can be very slow. Applications that use functions such as DHcheck, DHcheckex, or EVPPKEYparamcheck to check DH keys or parameters may experience prolonged delays. If the keys or parameters being checked were obtained from an untrusted...

JLSEC-2026-250 Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary...

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

CVE-2022-38686

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services...

CVE-2022-38674

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services...

Siemens SIMATIC S7-1500 Excessive Iteration (CVE-2023-3817)

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

CVE-2025-55080

The vulnerability CVE-2025-55080 affects Eclipse ThreadX prior to version 6.4.3. Root cause: memory protection enabled, syscall parameter verification is insufficient, enabling an attacker to obtain an arbitrary memory read/write. Affected component: ThreadX RTOS (pre-6.4.3). Impact: arbitrary me...

CVE-2025-55080 Improper Parameter Check in ThreadX Syscall Implementation

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...

EUVD-2024-27171

Malicious code in bioql PyPI...

EUVD-2025-22869

Malicious code in bioql PyPI...

The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries.

...

Linux Distros Unpatched Vulnerability : CVE-2024-4603

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or...

CVE-2025-38494 HID: core: do not bypass hid_hw_raw_request

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hidhwrawrequest hidhwrawrequest is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid...

SUSE-SU-2025:1260-1 Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: - CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. - CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. - CVE-2022-49564: crypto: qat - add param...

SUSE-SU-2025:1213-1 Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: - CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. - CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. - CVE-2022-49564: crypto: qat - add param...

CVE-2024-2212

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

DEBIAN-CVE-2024-47663

In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9834: Validate frequency parameter value In ad9834writefrequency clkgetrate can return 0. In such case ad9834calcfreqreg call will lead to division by zero. Checking 'if fout clkfreq / 2' doesn't protec...

openSUSE: Security Advisory for openssl (SUSE-SU-2024:1947-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:1947-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 bsc1222548. - CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating bsc1224388...

openSUSE Security Advisory (SUSE-SU-2024:1789-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:1789-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating bsc1224388...