SUSE SLES11 Security Update : openssl (SUSE-SU-2019:14249-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2019:14249-1 advisory. - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very...

CVE-2021-3580

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service...

CVE-2021-33560

A side-channel attack flaw was found in the way libgcrypt implemented Elgamal encryption. This flaw allows an attacker to decrypt parts of ciphertext encrypted using Elgamal, for example, when using OpenPGP. The highest threat from this vulnerability is to confidentiality...

SUSE: Security Advisory (SUSE-SU-2020:3592-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:4235-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-202106-28] nettle: denial of service

Arch Linux Security Advisory ASA-202106-28 ========================================== Severity: Medium Date : 2021-06-09 CVE-ID : CVE-2021-3580 Package : nettle Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2052 Summary ======= The package nettle before version...

CVE-2021-3580

A flaw was found in nettle in the way its RSA decryption functions handle specially crafted ciphertext. This flaw allows an attacker to provide a manipulated ciphertext, leading to an application crash and a denial of service. Mitigation As per upstream: For applications that want to support olde...

Linux Nettle 输入验证错误漏洞

Linux Nettle is an American open source application for Linux. Contains a design that lends itself easily to a low-level cryptographic library in many cases. An input validation error vulnerability exists in Linux Nettle, which stems from the way the RSA decryption function improperly handles...

Denial Of Service (DoS)

libtpms.so is vulnerable to denial of service. Decrypting data using RSA causes a SIGBUS bad memory access and termination of swtpm in CryptRsaDecrypt in src/tpm2/crypto/openssl/CryptRsa.c...

CVE-2021-3569

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...

CVE-2021-3569

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...

DEBIAN-CVE-2021-3569

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...

CVE-2021-3569

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...

Stack overflow

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...

CVE-2021-3569

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...

UBUNTU-CVE-2021-3569

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...

CVE-2021-3569

CVE-2021-3569 describes a stack corruption bug in libtpms that occurs when decrypting data using RSA. Affected versions are before 0.7.2 and before 0.8.0, and the flaw can cause a SIGBUS (bad memory access) and termination of swtpm, with the highest impact on availability. The connected sources c...

CVE-2021-3569

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...

python-cryptography: Bleichenbacher timing oracle attack against RSA decryption

A flaw was found in python-cryptography, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality...

Moderate: Red Hat Security Advisory: Red Hat Virtualization Host security update [ovirt-4.4.6]

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CV...