Tootfinder

Opt-in global Mastodon full text search. Join the index!

@adulau@infosec.exchange
2026-05-08 14:59:48

This kernel vulnerability looks interesting to look at.
crypto: caam - fix overflow on long hmac keys
VLAI Severity -> High (confidence: 0.9638)
vulnerability.circl.lu/vuln/CV

Title crypto: caam - fix overflow on long hmac keys Summary In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwise the hashed key may corrupt neighbouring memory. The copying is performed using kmemdup, however this leads to an overflow: reading more by…
@rene_mobile@infosec.exchange
2026-05-10 21:35:27

Releasing a universal #Linux #kernel #exploit with very little or even no previous time to distribute a patch through distributions is not cool. Doing it on the day before a weekend - on two weekends in…

Devastating 'Dirty Frag' exploit leaks out, gives immediate root access on most Linux machines since 2017, no patches available, no warning given — Copy Fail-like vulnerability had its embargo broken
A great disturbance in the cyberspace, as if millions of sysadmins suddenly cried out in terror.

@shanmukhateja@social.linux.pizza
2026-03-14 16:00:58

Compiling the #Linux kernel with AI generated code..for science.
Wish me luck folks!!
#diary #amdgpu #kernel

@grahamperrin@bsd.cafe
2026-03-04 01:45:25

#FreeBSD #Linux #kernel #jails