753 matches found
CVE-2025-69277
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...
AZL-73341 CVE-2025-69277 affecting package libsodium for versions less than 1.0.19-2
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...
CVE-2025-69277
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...
CVE-2025-69277
CVE-2025-69277 affects libsodium; root cause is mishandled checks in crypto_core_ed25519_is_valid_point() that can accept points outside the main elliptic-curve group in atypical usage. Descriptions across sources indicate the issue exists in libsodium prior to ad3004e and that fixes were release...
libsodium 安全漏洞
libsodium is a cryptographic software library from the individual developer Frank Denis. A security vulnerability exists in previous versions of libsodium ad3004e, which stems from mishandling of elliptic curve point validity checking, which may allow points that are not part of the main crypto...
EUVD-2023-60477
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
CVE-2023-54164
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
CVE-2023-54258
CVE-2023-54258 affects the Linux kernel CIFS/SMB client code. The vulnerability stems from a race between deferred closes and lease breaks in cifs_oplock_break, where an unmount (kill_sb) could observe an invalid tcon->ses if not properly synchronized. The documented fix orders the checks befo...
CVE-2023-54258 cifs: fix potential oops in cifs_oplock_break
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifsoplockbreak With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplockresponse, this can mean that an unmount...
CVE-2023-54258 cifs: fix potential oops in cifs_oplock_break
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifsoplockbreak With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplockresponse, this can mean that an unmount...
CVE-2023-54164 Bluetooth: ISO: fix iso_conn related locking and validity issues
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
CVE-2023-54164 Bluetooth: ISO: fix iso_conn related locking and validity issues
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
CVE-2023-54164
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
PT-2025-54087
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the CIFS implementation, specifically in the cifs oplock break function. A race condition can occur with deferred close operations and lease break...
security/libsodium -- crypto_core_ed25519_is_valid_point mishandles checks for whether an elliptic curve point is valid
Libsodium maintainer reports: The function cryptocoreed25519isvalidpoint, a low-level function used to check if a given elliptic curve point is valid, was supposed to reject points that aren't in the main cryptographic group, but some points were slipping through...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper locking and insufficient validity checking, which could lead to a race condition...
CVE-2023-54062 ext4: fix invalid free tracking in ext4_xattr_move_to_block()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4xattrmovetoblock In ext4xattrmovetoblock, the value of the extended attribute which we need to move to an external block may be allocated by kvmalloc if the value is stored in an external...
CVE-2025-68353
In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlanxmitone Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a substitution of incorrect ASCE index values, which could lead to address delivery errors and validity...
PT-2025-53037
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to the idmouse driver. Specifically, within the idmouse create image function, a failure in any ftip command can lead to uninitialized data in...