30 matches found
Astra Linux – Vulnerability in Firefox
Multiple NSS NIST curves were vulnerable to a side-channel attack known as “Minerva”. This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox versions less than 121...
Azure Linux 3.0 Security Update: gnutls (CVE-2024-28834)
The version of gnutls installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28834 advisory. - A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic...
MiracleLinux 9 : gnutls-3.7.6-23.el9_3.4 (AXSA:2024-7696:05)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7696:05 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain building/verification CVE-2024-28835...
MiracleLinux 8 : gnutls-3.6.16-8.el8_9.3.ML.1 (AXSA:2024-7683:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7683:04 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 Tenable has extracted the preceding description block directly from the MiracleLin...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 bsc1240366. Backport mdless cms signing support jscPED-12895 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...
SUSE-SU-2025:20406-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 on PPC arch bsc1240366 - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 bsc1240366 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Gnutls: vulnerable to minerva side-channel information leak
...
nss: vulnerable to Minerva side-channel information leak
The Network Security Services NSS package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key...
nss: vulnerable to Minerva side-channel information leak
The Network Security Services NSS package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key...
CLSA-2024-1722977316 nss: Fix of CVE-2023-6135
CVE-2023-6135: fix a vulnerability in NSS involving NIST curves susceptible to the "Minerva" side-channel attack, potentially allowing private key recovery...
gnutls security update
An update is available for gnutls. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gnutls package provide the GNU Transport Layer Security GnuTLS library,...
Moderate: Red Hat Security Advisory: gnutls security update
An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: gnutls security update
The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain...
RHEL 8 : gnutls (RHSA-2024:2044)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2044 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...
Moderate: Red Hat Security Advisory: gnutls security update
An update for gnutls is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: gnutls security update
An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2024:1879 Moderate: gnutls security update
The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain...
Moderate: gnutls security update
The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. This package update fixes a timing side-channel in deterministic ECDSA. Security Fixes: gnutls: vulnerable to Minerva side-channel...
GnuTLS 信息泄露漏洞
GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols. An information disclosure vulnerability exists in GnuTLS that stems from the application's susceptibility to Minerva side-channel information disclosure...