
20 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 1 views

Astra Linux – Vulnerability in sysstat

In sysstat versions up to 12.7.2, there is a multiplication integer overflow in the check_overflow function in common.c. NOTE: This issue exists due to an incomplete fix for CVE-2022-39377...

7.8 CVSS | 7.1 AI score | 0.00324 EPSS
Exploits 0 | References 2
SUSE Linux
added 2025/01/03 4:51 p.m. | 1 views

Security update for sysstat

This update for sysstat fixes the following issues: CVE-2023-33204: Fixed a multiplication integer overflow in check_overflow in common.c (bsc#1211507). CVE-2022-39377: Fixed arithmetic overflow in allocate_structures (bsc#1205224). Patch Instructions: To install this SUSE update use the SUSE recommended...

5.3 CVSS | 7.6 AI score | 0.01096 EPSS
Exploits 1 | References 8
Tenable Nessus
added 2024/01/16 12:0 a.m. | 24 views

EulerOS 2.0 SP11 : sysstat (EulerOS-SA-2023-2713)

According to the versions of the sysstat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete f...

7.8 CVSS | 7.2 AI score | 0.00324 EPSS
Exploits 0 | References 2
RedHat Linux
added 2023/11/14 3:24 p.m. | 3 views

sysstat: check_overflow() function can work incorrectly that lead to an overflow

A vulnerability was found in sysstat. This security flaw happens because it allows a multiplication integer overflow in check_overflow in common.c. This issue exists due to an incomplete fix for CVE-2022-39377...

7.8 CVSS | 5.8 AI score | 0.01096 EPSS
Exploits 1 | References 4
RedHat Linux
added 2023/11/07 8:13 a.m. | 28 views

Moderate: Red Hat Security Advisory: sysstat security and bug fix update

An update for sysstat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8 CVSS | 7.2 AI score | 0.00324 EPSS
Exploits 0 | References 4
AlmaLinux
added 2023/11/07 12:0 a.m. | 36 views

Moderate: sysstat security and bug fix update

The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security Fixes: sysstat: check_overflow function can work incorrectly, which could lead to an overflow (CVE-2023-33204). For more details about the security...

7.8 CVSS | 7.5 AI score | 0.00324 EPSS
Exploits 0 | References 4
OpenVAS
added 2023/09/11 12:0 a.m. | 17 views

Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2023-2776)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 8 AI score | 0.00324 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2023/07/20 12:0 a.m. | 21 views

Fedora 37 : sysstat (2023-4706cef256)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4706cef256 advisory. Security fix for CVE-2023-33204. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7.8 CVSS | 7.2 AI score | 0.00324 EPSS
Exploits 0 | References 2
SUSE CVE
added 2023/05/19 2:4 a.m. | 1 views

SUSE CVE-2023-33204

sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377...

5.3 CVSS | 7.2 AI score | 0.00324 EPSS
Exploits 0 | References 6
OSV
added 2023/05/18 8:15 a.m. | 1 views

DEBIAN-CVE-2023-33204

sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377...

7.8 CVSS | 7.1 AI score | 0.00324 EPSS
Exploits 0 | References 1
OSV
added 2023/05/18 8:15 a.m. | 0 views

UBUNTU-CVE-2023-33204

sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377...

7.8 CVSS | 7.2 AI score | 0.00324 EPSS
Exploits 0 | References 5
Github Security Blog
added 2021/08/25 9:1 p.m. | 19 views

Observable Discrepancy in libsecp256k1-rs

A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...

5.9 CVSS | 3.9 AI score | 0.00881 EPSS
Exploits 0 | References 4 | Affected Software 1
RustSec
added 2021/07/13 12:0 p.m. | 19 views

libsecp256k1 allows overflowing signatures

libsecp256k1 accepts signatures whose R or S parameter is larger than the secp256k1 curve order, which differs from other implementations. This could lead to invalid signatures being verified. The error is resolved in 0.5.0 by adding a check_overflow flag...

9.8 CVSS | 4.1 AI score | 0.00935 EPSS
Exploits 1 | Affected Software 1
OSV
added 2021/07/13 12:0 p.m. | 35 views

RUSTSEC-2021-0076 libsecp256k1 allows overflowing signatures

libsecp256k1 accepts signatures whose R or S parameter is larger than the secp256k1 curve order, which differs from other implementations. This could lead to invalid signatures being verified. The error is resolved in 0.5.0 by adding a check_overflow flag...

9.8 CVSS | 9.3 AI score | 0.00935 EPSS
Exploits 1 | References 3
NVD
added 2020/01/23 12:15 a.m. | 17 views

CVE-2019-20399

A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...

5.9 CVSS | 5.4 AI score | 0.00881 EPSS
Exploits 0 | References 1
OSV
added 2020/01/23 12:15 a.m. | 9 views

CVE-2019-20399

A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...

5.9 CVSS | 5.4 AI score
Exploits 0 | References 1
CVE
added 2020/01/22 11:12 p.m. | 88 views

CVE-2019-20399

The CVE-2019-20399 entry concerns a timing vulnerability in Scalar::check_overflow within Parity libsecp256k1-rs (pre-0.3.1). Multiple connected sources (Red Hat, GHSA, OSV, NVD, OSV, Alpine, etc.) describe that this can allow an attacker to leak information via a side-channel attack. The documen...

5.9 CVSS | 5.2 AI score | 0.00881 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2020/01/22 11:12 p.m. | 16 views

CVE-2019-20399

A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...

5.3 AI score | 0.00881 EPSS
Exploits 0 | References 1
RustSec
added 2019/10/14 12:0 p.m. | 15 views

Flaw in Scalar::check_overflow allows side-channel timing attack

Versions of libsecp256k1 prior to 0.3.1 did not execute Scalar::check_overflow in constant time. This allows an attacker to potentially leak information via a timing attack. The flaw was corrected by modifying Scalar::check_overflow to execute in constant time...

7.5 CVSS | 6.6 AI score | 0.01415 EPSS
Exploits 0 | Affected Software 1
OSV
added 2019/10/14 12:0 p.m. | 17 views

RUSTSEC-2019-0027 Flaw in Scalar::check_overflow allows side-channel timing attack

Versions of libsecp256k1 prior to 0.3.1 did not execute Scalar::check_overflow in constant time. This allows an attacker to potentially leak information via a timing attack. The flaw was corrected by modifying Scalar::check_overflow to execute in constant time...

7.5 CVSS | 7.3 AI score | 0.01415 EPSS
Exploits 0 | References 2