openSUSE 16 Security Update : openssl-3 (openSUSE-SU-2026:20152-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20152-1 advisory. Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer...

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: Improper validation of PBMAC1 parameters in PKCS12 MAC verification CVE-2025-11187 Stack buffer overflow in CMS AuthEnvelopedData parsing CVE-2025-15467 NULL dereference in SSLCIPHERfind function on unknown cipher ID CVE-2025-15468 "openssl dgst" one-shot codepath...

Security Bulletin: This Power System update is being released to address CVE-2024-2511

Summary The OpenSSL package is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2024-2511, by upgrading PowerVM and thus addressing the exposur...

[SECURITY] [DLA 3937-1] nss security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3937-1 [email protected] https://www.debian.org/lts/security/ Arturo Borrero Gonzalez October 27, 2024 https://wiki.debian.org/LTS -...

kernel: tls: fix missing memory barrier in tls_init

In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...

Internet Bug Bounty: Unbounded memory growth with session handling in TLSv1.3

Some non-default TLS server configurations were found to cause unbounded memory growth when processing TLSv1.3 sessions. The issue was caused by a problem with the session cache management in certain scenarios involving the SSLOPNOTICKET option. This could lead to a Denial of Service...

kernel: tls: fix missing memory barrier in tls_init

In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...

AZL-42700 CVE-2024-2511 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...

OPENSUSE-SU-2021:0082-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - New upstream LTS version 10.23.1: CVE-2020-8265: use-after-free in TLSWrap High bug in TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as...