#dirtydecrypt — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #dirtydecrypt, aggregated by home.social.

ZEN SecDB @[email protected] · 2026-05-20 · 06:28 UTC

🚨 CVE-2026-31635 (DirtyDecrypt / DirtyCBC)
rxrpc: fix oversized RESPONSE authenticator length check
rxgk_verify_response() decodes auth_len from the packet and is supposed
to verify that it fits in the remaining bytes. The existing check is
inverted, so oversized RESPONSE authenticators are accepted and passed
to rxgk_decrypt_skb(), which can later reach skb_to_sgvec() with an
impossible length and hit BUG_ON(len).
ℹ️ Additional info on ZEN SecDB https://secdb.nttzen.cloud/cve/detail/CVE-2026-31635
#nttdata #zen #secdb #infosec
#dirtydecrypt #dirtycbc #linux #kernel #lpe #cve202631635

#nttdata #zen #secdb #infosec #dirtydecrypt #dirtycbc
ZEN SecDB @[email protected] · 2026-05-20 · 06:28 UTC

🚨 CVE-2026-31635 (DirtyDecrypt / DirtyCBC)
rxrpc: fix oversized RESPONSE authenticator length check
rxgk_verify_response() decodes auth_len from the packet and is supposed
to verify that it fits in the remaining bytes. The existing check is
inverted, so oversized RESPONSE authenticators are accepted and passed
to rxgk_decrypt_skb(), which can later reach skb_to_sgvec() with an
impossible length and hit BUG_ON(len).
ℹ️ Additional info on ZEN SecDB https://secdb.nttzen.cloud/cve/detail/CVE-2026-31635
#nttdata #zen #secdb #infosec
#dirtydecrypt #dirtycbc #linux #kernel #lpe # cve202631635

#lpe #kernel #linux #dirtycbc #dirtydecrypt #infosec
Edwin G. :mapleleafroundel: @[email protected] · 2026-05-18 · 13:24 UTC

There's an exploit running around for the DirtyDecrypt Linux vulnerability
https://www.bleepingcomputer.com/news/security/exploit-available-for-new-dirtydecrypt-linux-root-escalation-flaw/
- - -
Il y a désormais un exploit qui se promène pour la vulnérabilité Linux DirtyDecrypt
// Article en anglais //
#Linux #DirtyDecrypt #InfoSec #Cybersécurité

#linux #dirtydecrypt #infosec #cybersecurite