Lucene search
+L

149 matches found

OSV
OSV
added 2024/07/30 7:46 a.m.25 views

CVE-2024-42155 s390/pkey: Wipe copies of protected- and secure-keys

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or...

1.9CVSS5.9AI score0.00188EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates in the s390/pkey module when using IOCTLs with clear-key, protected-key, or secure-key, if an error occurs durin...

4.1CVSS6.4AI score0.00214EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the failure to clear sensitive data from the stack when copytouser fails in the s390/pkey module...

4.1CVSS6.4AI score0.0022EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.10 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a warning reported by Coccinelle in the s390/pkey module when using memzeroexplicit and kfree, which should ...

4.1CVSS6.3AI score0.00187EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/07/23 4:29 p.m.5 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/07/22 1:12 a.m.8 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/07/16 6:43 p.m.5 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/07/08 2:36 p.m.8 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.25 views

CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm / hvloader / nodejs / nodejs18 / openssl (CVE-2023-6237)

The version of cloud-hypervisor-cvm / hvloader / nodejs / nodejs18 / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6237 advisory. - Issue summary: Checking excessively long invalid RSA...

5.9CVSS6.5AI score0.02303EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/06/12 12:27 a.m.29 views

CVE-2023-52745

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to ...

4.4CVSS6.7AI score0.0025EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/06/05 10:5 a.m.3 views

SUSE CVE-2024-1394

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey and ctx. That function...

7.5CVSS7.5AI score0.01533EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/21 3:23 p.m.26 views

CVE-2023-52745 IB/IPoIB: Fix legacy IPoIB due to wrong number of queues

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to ...

6.3AI score0.0025EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/05/21 3:23 p.m.15 views

CVE-2023-52745 IB/IPoIB: Fix legacy IPoIB due to wrong number of queues

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to ...

6.5AI score0.0025EPSS
Exploits0References5
OSV
OSV
added 2024/05/21 3:23 p.m.17 views

CVE-2023-52745 IB/IPoIB: Fix legacy IPoIB due to wrong number of queues

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to ...

5.5CVSS5.7AI score0.0025EPSS
Exploits0References8
OSV
OSV
added 2024/05/16 4:15 p.m.5 views

AZL-78534 CVE-2024-4603 affecting package openssl-fips-provider 3.1.2-1

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.4 views

UBUNTU-CVE-2024-4603

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.8AI score0.01131EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.21 views

PT-2024-10351

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the incomplete cleanup of temporary or auxiliary resources in the Linux kernel, specifically in the s390/pkey component. This could allow an attacker to cause a...

1.9CVSS5.5AI score0.00188EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/30 1:30 p.m.5 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
OSV
OSV
added 2024/04/25 7:15 a.m.4 views

AZL-42688 CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

5.9CVSS6.5AI score0.02303EPSS
Exploits0References1
OSV
OSV
added 2024/04/25 7:15 a.m.6 views

AZL-39961 CVE-2023-6237 affecting package nodejs for versions less than 20.14.0-1

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

5.9CVSS6.5AI score0.02303EPSS
Exploits0References1
Rows per page
Query Builder