Lucene search
K

89 matches found

Cvelist
Cvelist
added 2026/06/24 4:29 p.m.30 views

CVE-2026-53016 crypto: ccp - copy IV using skcipher ivsize

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - copy IV using skcipher ivsize AFALG rfc3686-ctr-aes-ccp requests pass an 8-byte IV to the driver. ccpaescomplete restores AESBLOCKSIZE bytes into the caller's IV buffer while RFC3686 skciphers expose an 8-byte IV, s...

7.8CVSS0.00132EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 4:29 p.m.1 views

CVE-2026-53016 crypto: ccp - copy IV using skcipher ivsize

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - copy IV using skcipher ivsize AFALG rfc3686-ctr-aes-ccp requests pass an 8-byte IV to the driver. ccpaescomplete restores AESBLOCKSIZE bytes into the caller's IV buffer while RFC3686 skciphers expose an 8-byte IV, s...

7.8CVSS5.8AI score0.00132EPSS
Exploits0References15
CVE
CVE
added 2026/06/24 4:29 p.m.18 views

CVE-2026-53016

Summary of CVE-2026-53016 (Linux kernel): The vulnerability exists in the crypto CCP driver when handling AF_ALG rfc3686-ctr-aes-ccp requests. The function ccp_aes_complete() restores AES_BLOCK_SIZE bytes into the caller’s IV buffer, but RFC3686 skciphers expose an 8-byte IV, leading to a buffer ...

7.8CVSS5.7AI score0.00132EPSS
Exploits0References13
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa – Handles zero-length skcipher requests. Do not access random memory for zero-length skcipher requests. Simply return 0...

5.5CVSS6.3AI score0.00151EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38173)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38173 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero- leng...

5.5CVSS5.3AI score0.00151EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001642 advisory. A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The null skcipher was being dropped when each afalgctx was freed instead...

7.8CVSS6.6AI score0.0043EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004791)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004791 advisory. A flaw was found in the subsequent getuserpagesfast in the Linux kernels interface for symmetric key cipher algorithms in the skcipherrecvmsg of crypto/algifskcipher...

6.2CVSS5.4AI score0.0019EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001272 advisory. The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-base...

7.8CVSS6.4AI score0.00428EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001027)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001027 advisory. The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel...

4.9CVSS6.5AI score0.00354EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001304 advisory. The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows loca...

5.5CVSS6.6AI score0.0039EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000995 advisory. A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream...

7.8CVSS6.6AI score0.00308EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003472)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003472 advisory. The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows loca...

5.5CVSS6.6AI score0.0039EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003289)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003289 advisory. A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream...

7.8CVSS6.6AI score0.00308EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003104 advisory. The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-base...

7.8CVSS6.4AI score0.00428EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003138)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003138 advisory. The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows loca...

5.5CVSS6.6AI score0.0039EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003420 advisory. A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream...

7.8CVSS6.6AI score0.00308EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003262)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003262 advisory. A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The null skcipher was being dropped when each afalgctx was freed instead...

7.8CVSS6.6AI score0.0043EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/12/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-50707

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the...

5.3AI score0.00168EPSS
Exploits0References2
NVD
NVD
added 2025/12/24 11:15 a.m.7 views

CVE-2022-50707

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...

0.00168EPSS
Exploits0References4
OSV
OSV
added 2025/12/24 11:15 a.m.4 views

UBUNTU-CVE-2022-50707

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...

5.7AI score0.00168EPSS
Exploits0References6
Rows per page
Query Builder