4 matches found
OESA-2024-1227 shim security update
Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate...
OESA-2024-1224 shim security update
Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate...
openssl: Possible DoS translating ASN.1 object identifiers
A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...
SUSE CVE-2023-2650
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...