719 matches found
UBUNTU-CVE-2026-43383
In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2026-43384
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2026-43383
In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2026-43384
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2026-43384 net/tcp-ao: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2026-43384
The CVE-2026-43384 issue concerns the Linux kernel TCP Authentication Option (TCP-AO) where MACs were compared without constant-time handling. The connected documents confirm a fix was applied to make MAC comparisons constant-time, mitigating timing-attack leakage of sensitive information. The vu...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a non-constant time for the MAC comparison of tcp-md5, potentially leading to timing attacks...
PT-2026-39044
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A timing attack is possible because Message Authentication Codes MACs are not compared in constant time. This allows an attacker to potentially deduce information by measuring the time t...
PT-2026-39045
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A timing attack issue exists in the TCP Authentication Option TCP-AO implementation. The Message Authentication Code MAC comparison was not performed in constant-time, which could allow ...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the MAC comparison in tcp-ao does not use a constant time, potentially leading to timing...
[SECURITY] [DLA 4556-1] dovecot security update
Debian LTS Advisory DLA-4556-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 01, 2026 https://wiki.debian.org/LTS Package : dovecot Version : 1:2.3.13+dfsg1-2+deb11u3 CVE ID : CVE-2025-59031 CVE-2025-59032 CVE-2026-0394 CVE-2026-27855 CVE-2026-27856...
Mojic 安全漏洞
Mojic is a C-language code obfuscation tool developed by Amit Dutta. Versions of Mojic prior to 2.1.4 contained security vulnerabilities. These vulnerabilities stemmed from the use of the standard equality operator by CipherEngine to verify HMAC-SHA256 integrity checks, which could allow attacker...
DevTools remote secret comparison is vulnerable to timing attacks
An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code executio...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013091)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013091 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared ...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011046)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011046 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared ...
EUVD-2026-22136
Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password...
CVE-2026-5086 Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks
Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password...
CVE-2026-5086
CVE-2026-5086 affects Crypt::SecretBuffer
Crypt::SecretBuffer 安全漏洞
Crypt::SecretBuffer is a cryptographic buffer module developed by NERDVANA’s individual developers, designed for secure storage and memory protection of sensitive data. Versions of Crypt::SecretBuffer prior to 0.019 contained security vulnerabilities, which were due to susceptibility to timing...
PT-2026-32548
Perl CPAN CVE-2026-5086: Crypt::SecretBuffer versions before 0.019 is susceptible to timing attacks https://t.co/9mQfUsrqkz For example, if it was used to store and compare plaintext passwords, then discrepancies in timing could be used to guess the secret password...