24 matches found
[slackware-security] kernel
New kernel packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/linux-5.15.209/kernel-generic-5.15.209-i586-1.txz: Upgraded. This update fixes security issues: rxrpc: Fix missing validation of ticke...
SUSE CVE-2026-46039
In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgkextracttoken when checking the length of the ticket. Rather than rounding up the value to be tested which might overflow, round down the...
CVE-2026-46039
A flaw was found in the Linux kernel. A potential integer overflow in the rxgkextracttoken function, specifically during the length check of a ticket, could occur. This issue arises from rounding up the value to be tested, which might lead to an overflow. This could potentially result in...
UBUNTU-CVE-2026-46039
In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgkextracttoken when checking the length of the ticket. Rather than rounding up the value to be tested which might overflow, round down the...
rxrpc: Fix missing validation of ticket length in non-XDR key preparsing
...
SUSE CVE-2026-31696
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...
Linux Distros Unpatched Vulnerability : CVE-2026-31696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large...
CVE-2026-31696
A flaw was found in the Linux kernel's rxrpc component. An unprivileged user can exploit this by providing an excessively large ticket length during key preparsing. This improper validation leads to an oversized token calculation when the key is subsequently read, triggering a system warning and...
CVE-2026-31696
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...
CVE-2026-31696 rxrpc: Fix missing validation of ticket length in non-XDR key preparsing
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...
CVE-2026-31696
Summary (CVE-2026-31696) : In the Linux kernel’s rxrpc code, the non-XDR key parsing path (rxrpc_preparse()) lacked a validation check for ticket length, unlike the XDR path. This allowed an unprivileged user to supply a very large ticket length, causing the computed total token size (toksize) to...
CVE-2026-31696
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...
CVE-2026-31696
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of ticket length validation in the non-XDR key resolution path. This vulnerability may...
PT-2026-36326
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the rxrpc preparse function, the non-XDR path for parsing key payloads used for payloads 28 bytes or smaller fails to validate the ticket length against AFSTOKEN RK TIX MAX. This...
CVE-2026-31641
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...
EUVD-2026-25534
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...
PT-2026-34993
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpc preparse xdr yfs rxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through round upx, 4 before using the rounded value for...
CVE-2016-6302
The tlsdecryptticket function in ssl/t1lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short...
CVE-2016-6302
The tlsdecryptticket function in ssl/t1lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short...