SUSE-SU-2026:21824-1 Security update for leancrypto

This update for leancrypto fixes the following issues Security issue: - CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when stori...

crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed

...

Linux Distros Unpatched Vulnerability : CVE-2026-31699

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmwa...

CVE-2026-31699

A flaw was found in the Linux kernel's crypto: ccp module. A local user could exploit a vulnerability where the system attempts to copy a Certificate Signing Request CSR to userspace even after a Platform Security Processor PSP command has failed. This can lead to a slab-out-of-bounds write,...

CVE-2026-31699

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

CVE-2026-31699

Technical details about CVE-2026-31699 are not publicly available in the provided documents. Monitor for updates from OSV, Red Hat, SUSE, Debian and other trackers for affected products and fixes.

CVE-2026-31699

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

PT-2026-36329

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the crypto CCP component when retrieving the PEK CSR. If a firmware command fails, specifically due to an invalid length where the userspace buffer is too small, the...

OPENSUSE-SU-2026:20351-1 Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: - CVE-2025-47913: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253611...

SUSE-SU-2026:20451-1 Security update for docker-compose

This update for docker-compose fixes the following issues: - CVE-2025-47914: non validated message size can cause a panic due to an out of bounds read bsc1254041. - CVE-2025-47913: client process termination when receiving an unexpected message type in response to a key listing or signing request...

CVE-2022-26481

An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request CSR action...

SUSE-SU-2025:4245-1 Security update for buildah

This update for buildah fixes the following issues: - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598...

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2025:4244-1 Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598...

SUSE-SU-2025:4229-1 Security update for buildah

This update for buildah fixes the following issues: - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598...

SUSE-SU-2025:4191-1 Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598...

SUSE-SU-2025:4185-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:4156-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4156-1 advisory. - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a...

Security update for podman

This update for podman fixes the following issues: CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542 Patch Instructions: To install this SUSE update use the SUSE...

SUSE-SU-2025:4157-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542...