Lucene search
K

88 matches found

OSV
OSV
added 2025/07/03 9:15 a.m.2 views

DEBIAN-CVE-2025-38173

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...

5.5CVSS5.5AI score0.00151EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 9:15 a.m.5 views

AZL-64520 CVE-2025-38173 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...

5.5CVSS6.8AI score0.00151EPSS
Exploits0References1
NVD
NVD
added 2025/07/03 9:15 a.m.6 views

CVE-2025-38173

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...

5.5CVSS0.00151EPSS
Exploits0References10
OSV
OSV
added 2025/07/03 9:15 a.m.2 views

UBUNTU-CVE-2025-38173

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...

5.5CVSS6.1AI score0.00151EPSS
Exploits0References43
OSV
OSV
added 2025/07/03 8:36 a.m.5 views

CVE-2025-38173 crypto: marvell/cesa - Handle zero-length skcipher requests

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...

5.5CVSS6.5AI score0.00151EPSS
Exploits0References13
CVE
CVE
added 2025/07/03 8:36 a.m.81 views

CVE-2025-38173

CVE-2025-38173 affects the Linux kernel’s crypto path for marvell/cesa. The vulnerability arises from handling zero-length skcipher requests, where code could access invalid memory. The fix makes zero-length requests return 0 instead of reading memory. This is a local vulnerability with the kerne...

5.5CVSS7.2AI score0.00151EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2025/07/03 8:36 a.m.13 views

CVE-2025-38173

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...

5.5CVSS5.5AI score0.00151EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/05/10 12:0 a.m.9 views

PT-2025-27758

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns handling zero-length skcipher requests in the Linux kernel's crypto module, specifically the marvell/cesa component. The problem arises when the kernel attempts to...

5.5CVSS6.7AI score0.00151EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/06/04 12:36 p.m.5 views

SUSE CVE-2023-3108

A flaw was found in the subsequent getuserpagesfast in the Linux kernel's interface for symmetric key cipher algorithms in the skcipherrecvmsg of crypto/algifskcipher.c function. This flaw allows a local user to crash the system...

6.2CVSS4.6AI score0.00182EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/08/08 12:0 a.m.7 views

The vulnerability of the skcipher_recvmsg function in the crypto/algif_skcipher.c file of Linux operating system kernels allows a hacker to cause a service failure.

The vulnerability of the skcipherrecvmsg function in the Linux operating system’s kernel code is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...

4.9CVSS5.9AI score0.00182EPSS
Exploits0References8Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.6 views

SUSE CVE-2017-9211

The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service NULL pointer dereference via a crafted application...

5.5CVSS7.1AI score0.0039EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.3 views

SUSE CVE-2017-13215

A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel...

5.3CVSS7.8AI score0.00308EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.4 views

SUSE CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.1CVSS6.6AI score0.00428EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.4 views

SUSE CVE-2018-14619

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each afalgctx was freed instead of when the aeadtfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bein...

7.8CVSS7.7AI score0.0043EPSS
Exploits0References4
OSV
OSV
added 2023/01/17 6:0 p.m.12 views

GSD-2023-1000693 crypto: tcrypt - Fix multibuffer skcipher speed test mem leak

crypto: tcrypt - Fix multibuffer skcipher speed test mem leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/09 10:13 a.m.37 views

CVE-2017-13215

A flaw was found in the Linux kernel's skcipher component, which affects the skcipherrecvmsg function. Attackers using a specific input can lead to a privilege escalation...

7.8CVSS4.6AI score0.00308EPSS
Exploits0References1
Veracode
Veracode
added 2019/05/16 3:18 a.m.37 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of serviceDoS attacks. This is because Salsa20 encryption algorithm does not correctly handle zero-length inputs. This allows a local attacker to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or...

7.8CVSS7.2AI score0.00683EPSS
Exploits1References45Affected Software2
RedHat Linux
RedHat Linux
added 2019/05/14 7:16 p.m.3 views

kernel: crypto: privilege escalation in skcipher_recvmsg function

A flaw was found in the Linux kernel's skcipher component, which affects the skcipherrecvmsg function. Attackers using a specific input can lead to a privilege escalation...

7.8CVSS7.1AI score0.00308EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/09/18 12:0 a.m.291 views

EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1234)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function...

10CVSS6.4AI score0.52841EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2018/09/18 12:0 a.m.263 views

EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1232)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local...

7.8CVSS6.8AI score0.00561EPSS
Exploits0References4
Rows per page
Query Builder