88 matches found
DEBIAN-CVE-2025-38173
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...
AZL-64520 CVE-2025-38173 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...
CVE-2025-38173
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...
UBUNTU-CVE-2025-38173
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...
CVE-2025-38173 crypto: marvell/cesa - Handle zero-length skcipher requests
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...
CVE-2025-38173
CVE-2025-38173 affects the Linux kernel’s crypto path for marvell/cesa. The vulnerability arises from handling zero-length skcipher requests, where code could access invalid memory. The fix makes zero-length requests return 0 instead of reading memory. This is a local vulnerability with the kerne...
CVE-2025-38173
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0...
PT-2025-27758
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns handling zero-length skcipher requests in the Linux kernel's crypto module, specifically the marvell/cesa component. The problem arises when the kernel attempts to...
SUSE CVE-2023-3108
A flaw was found in the subsequent getuserpagesfast in the Linux kernel's interface for symmetric key cipher algorithms in the skcipherrecvmsg of crypto/algifskcipher.c function. This flaw allows a local user to crash the system...
The vulnerability of the skcipher_recvmsg function in the crypto/algif_skcipher.c file of Linux operating system kernels allows a hacker to cause a service failure.
The vulnerability of the skcipherrecvmsg function in the Linux operating system’s kernel code is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...
SUSE CVE-2017-9211
The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service NULL pointer dereference via a crafted application...
SUSE CVE-2017-13215
A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel...
SUSE CVE-2017-17805
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...
SUSE CVE-2018-14619
A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each afalgctx was freed instead of when the aeadtfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bein...
GSD-2023-1000693 crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
crypto: tcrypt - Fix multibuffer skcipher speed test mem leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
CVE-2017-13215
A flaw was found in the Linux kernel's skcipher component, which affects the skcipherrecvmsg function. Attackers using a specific input can lead to a privilege escalation...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of serviceDoS attacks. This is because Salsa20 encryption algorithm does not correctly handle zero-length inputs. This allows a local attacker to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or...
kernel: crypto: privilege escalation in skcipher_recvmsg function
A flaw was found in the Linux kernel's skcipher component, which affects the skcipherrecvmsg function. Attackers using a specific input can lead to a privilege escalation...
EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1234)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function...
EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1232)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local...