1057 matches found

OSV
added 2024/05/15 9:46 p.m. | 9 views

GHSA-FGRX-4637-FCF5 fuel/core Crypt encryption compromised.

In fuel/core versions prior to 1.8.1, with the right knowledge, code, and GPU calculation power, Crypt encryption can be broken in minutes...

AI score: 7
Exploits: 0 | References: 4
GitHub Security Blog
added 2024/05/15 5:47 p.m. | 13 views

asymmetricrypt/asymmetricrypt Padding Oracle Vulnerability in RSA Encryption

The encryption and decryption processes were vulnerable to Bleichenbacher's attack, a padding oracle vulnerability disclosed in '98. The issue was the wrong padding being used, which allowed the encrypted content to be retrieved. The OPENSSL_PKCS1_PADDING version, aka PKCS v1.5...

AI score: 7
Exploits: 0 | References: 4 | Affected Software: 1
Tenable Nessus
added 2024/05/11 12:0 a.m. | 18 views

RHEL 6 : perl-crypt-openssl-rsa (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perl-Crypt-OpenSSL-RSA: side-channel attack in PKCS#1 v1.5 padding mode (Marvin Attack) (CVE-2024-2467) Note that Nessus...

AI score: 5.8 | EPSS: 0.00068
Exploits: 0 | References: 1
Tenable Nessus
added 2024/05/11 12:0 a.m. | 21 views

RHEL 6 : 389-ds-base (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - 389-ds-base: Password brute-force possible for locked account due to different return codes (CVE-2017-7551)...

AI score: 8.1 | EPSS: 0.07668
Exploits: 6 | References: 16
Tenable Nessus
added 2024/05/11 12:0 a.m. | 25 views

RHEL 7 : perl-crypt-openssl-rsa (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perl-Crypt-OpenSSL-RSA: side-channel attack in PKCS#1 v1.5 padding mode (Marvin Attack) (CVE-2024-2467) Note that Nessus...

AI score: 5.8 | EPSS: 0.00068
Exploits: 0 | References: 1
Amazon
added 2024/05/03 12:0 a.m. | 3 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-52620 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attrallocatefra...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.00346
Exploits: 0
OSV
added 2024/04/25 5:15 p.m. | 3 views

AZL-44739 CVE-2024-2467 affecting package perl-Crypt-OpenSSL-RSA 0.33-1

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

CVSS: 5.9 | AI score: 6.2 | EPSS: 0.00068
Exploits: 0 | References: 1
NVD
added 2024/04/25 5:15 p.m. | 14 views

CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

CVSS: 5.9 | AI score: 5.4 | EPSS: 0.00068
Exploits: 0 | References: 4
OSV
added 2024/04/25 5:15 p.m. | 12 views

CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

CVSS: 5.9 | AI score: 6.3 | EPSS: 0.00068
Exploits: 0 | References: 4
OSV
added 2024/04/25 5:15 p.m. | 1 views

DEBIAN-CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

CVSS: 5.9 | AI score: 5.9 | EPSS: 0.00068
Exploits: 0 | References: 1
UbuntuCve
added 2024/04/25 5:15 p.m. | 247 views

CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

CVSS: 5.9 | AI score: 6.2 | EPSS: 0.00068
Exploits: 0 | References: 2
OSV
added 2024/04/25 5:15 p.m. | 0 views

UBUNTU-CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

CVSS: 5.9 | AI score: 5.8 | EPSS: 0.00068
Exploits: 0 | References: 3
Vulnrichment
added 2024/04/25 4:45 p.m. | 276 views

CVE-2024-2467 Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack)

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

CVSS: 5.9 | AI score: 6.4 | EPSS: 0.00068
Exploits: 0 | References: 4
Cvelist
added 2024/04/25 4:45 p.m. | 78 views

CVE-2024-2467 Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack)

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

CVSS: 5.9 | AI score: 5.6 | EPSS: 0.00068
Exploits: 0 | References: 4
CNNVD
added 2024/04/25 12:0 a.m. | 1 views

Crypt-OpenSSL-RSA Security Vulnerability

Crypt-OpenSSL-RSA is a library by the individual developer Todd Rinaldo. Crypt-OpenSSL-RSA suffers from a security vulnerability that stems from the presence of a timing-based side-channel flaw that is sufficient to recover plaintext over the network in a Bleichenbacher-style attack...

CVSS: 5.9 | AI score: 6.8 | EPSS: 0.00068
Exploits: 0 | References: 6
OSV
added 2024/04/20 12:0 p.m. | 4 views

OPENSUSE-SU-2024:0112-1 Security update for perl-CryptX

This update for perl-CryptX fixes the following issues: Updated to version 0.080: 0.080 2023-10-04 - fix 95 AES-NI troubles on MS Windows gcc compiler - fix 96 Tests failure with Math::BigInt = 1.999840 - Enabled AES-NI for platforms with gcc/clang/llvm 0.079 2023-10-01 - fix 92 update libtomcryp...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.00043
Exploits: 0 | References: 3
RedHat Linux
added 2024/04/16 3:9 p.m. | 60 views

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00237
Exploits: 1 | References: 3
SUSE CVE
added 2024/04/13 2:10 a.m. | 1 views

SUSE CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified [1]. So, fix this problem by copying the data...

CVSS: 5.5 | AI score: 6.2 | EPSS: 0.00014
Exploits: 0 | References: 11
SUSE CVE
added 2024/04/09 2:29 a.m. | 0 views

SUSE CVE-2024-26718

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function tasklet_action_common calls tasklet_trylock, then it calls the tasklet callback and then it calls tasklet_unlock. If the...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.00019
Exploits: 0 | References: 6
RedhatCVE
added 2024/04/04 12:34 a.m. | 23 views

CVE-2024-26763

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified [1]. So, fix this problem by copying the data...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.00014
Exploits: 0 | References: 4