19 matches found
JLSEC-2026-250 Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary...
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
JLSEC-2026-277 Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key...
Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...
Linux Distros Unpatched Vulnerability : CVE-2026-31790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicio...
MiracleLinux 9 : edk2-20240524-6.el9 (AXSA:2024-9428:12)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9428:12 advisory. mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC CVE-2023-6129 openssl: Excessive time spent checking invalid RSA...
ROS-20250826-02
The vulnerability of the Diffie-Hellman key negotiation protocol is related to unnecessary public key checking in the Diffie-Hellman key negotiation protocol when using an approved secure prime number. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2024-4603
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or...
Linux Distros Unpatched Vulnerability : CVE-2023-6237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to...
OESA-2025-1747 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications th...
AZL-78534 CVE-2024-4603 affecting package openssl-fips-provider 3.1.2-1
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
AZL-42766 CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
AZL-47684 CVE-2024-4603 affecting package hvloader for versions less than 1.0.1-6
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
ALPINE-CVE-2024-4603
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
SUSE-SU-2024:0172-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2023-6129: Fixed vector register clobbering on PowerPC. bsc1218690 - CVE-2023-6237: Fixed excessive time spent checking invalid RSA public keys. bsc1218810...
Medium: openssl-snapsafe
Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...
SUSE CVE-2023-5678
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
AZL-34666 CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
AZL-42736 CVE-2023-5678 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
ALPINE-CVE-2023-5678
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
PT-2023-7560
Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.1.1w Description The issue is related to the generation and checking of excessively long X9.42 DH keys or parameters, which may cause long delays in applications using the affected functions. This can lead to a Deni...