EUVD-2017-1551

Malware in sbrugna...

[SECURITY] Fedora 32 Update: libpri-1.6.0-9.fc32

libpri is a C implementation of the Primary Rate ISDN specification. It was based on the Bellcore specification SR-NWT-002343 for National ISDN. As of May 12, 2001, it has been tested work to with NI-2, Nortel DMS-100, and Lucent 5E Custom protocols on switches from Nortel and Lucent...

[SECURITY] Fedora 33 Update: libpri-1.6.0-9.fc33

libpri is a C implementation of the Primary Rate ISDN specification. It was based on the Bellcore specification SR-NWT-002343 for National ISDN. As of May 12, 2001, it has been tested work to with NI-2, Nortel DMS-100, and Lucent 5E Custom protocols on switches from Nortel and Lucent...

FreeBSD : mbed TLS (PolarSSL) -- multiple vulnerabilities (d8382a69-4728-11e8-ba83-0011d823eebd)

Simon Butcher reports : - Defend against Bellcore glitch attacks by verifying the results of RSA private key operations. - Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute-force attack on the HMAC key of a single, uninterrupted connecti...

mbed TLS (PolarSSL) -- multiple vulnerabilities

Simon Butcher reports: Defend against Bellcore glitch attacks by verifying the results of RSA private key operations. Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute force attack on the HMAC key of a single, uninterrupted connection wi...

Code injection

Linaro's open source TEE solution called OP-TEE, version 2.4.0 and older is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key...

CVE-2017-1000412

Linaro's open source TEE solution called OP-TEE, version 2.4.0 and older is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key...

CVE-2017-1000412

Linaro's open source TEE solution called OP-TEE, version 2.4.0 and older is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key...

CVE-2017-1000412

Linaro's open source TEE solution called OP-TEE, version 2.4.0 and older is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key...

CVE-2017-1000412

OP-TEE (Linaro) versions 2.4.0 and older are vulnerable to a bellcore attack in the LibTomCrypt code, resulting in a compromised private RSA key. Root cause:LibTomCrypt usage within OP-TEE; affected component is the TEE implementation. Impact: potential exposure of private RSA keys. Exploitation ...

CVE-2017-1000412

Linaro's open source TEE solution called OP-TEE, version 2.4.0 and older is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key...