3 matches found
CVE-2026-23519 RustCrypto cmov: thumbv6m-none-eabi compiler emits non-constant time assembly when using cmovnz
RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi Cortex M0, M0+ and M1 compiler emits non-constant time assembly when using cmovnz...
Fedora 42 : perl-String-Compare-ConstantTime (2025-ce51c124a5)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-ce51c124a5 advisory. This release fixes CVE-2024-13939 leaking the length of a secret string Tenable has extracted the preceding description block directly from the Fedora securi...
UBUNTU-CVE-2019-14318
Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because scalar multiplication in ecp.cpp...