DEBIAN-CVE-2023-1018

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM...

SUSE-SU-2023:0581-1 Security update for compat-openssl098

This update for compat-openssl098 fixes the following issues: - CVE-2022-4304: Fixed timing Oracle in RSA Decryption bsc1207534...

LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. The company said one of its DevOps engineers had their personal home compute...

PT-2023-1651 · Tpm2.0 +8 · Tpm2.0 +8

Name of the Vulnerable Software and Affected Versions: TPM2.0 affected versions not specified Description: An out-of-bounds write vulnerability exists in TPM2.0's Module Library, allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. This can lea...

UBUNTU-CVE-2023-1017

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...

AlmaLinux 9 : openssl (ALSA-2023:0946)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0946 advisory. - A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after...

ALSA-2023:0946 Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: read buffer overflow in X.509 certificate verification CVE-2022-4203 openssl: timing attack in RS...

RHEL 9 : openssl (RHSA-2023:0946)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0946 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

openssl security and bug fix update

3.0.1-47.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-47 - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEMreadbioex Resolves: CVE-2022-4450 - Fixed...

UBUNTU-CVE-2023-1018

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM...

MGASA-2023-0067 Updated gnutls packages fix security vulnerability

Timing side channel in the RSA decryption implementation of the GNU TLS library. CVE-2023-0361...

Updated gnutls packages fix security vulnerability

Timing side channel in the RSA decryption implementation of the GNU TLS library. CVE-2023-0361...

USN-5844-1: OpenSSL vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL...

SUSE SLED15: gnutls / gnutls-guile / libgnutls-devel / libgnutls-devel-32bit / etc (SUSE-SU-2023:0475-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0475-1 advisory. - CVE-2023-0361: Fixed a Bleichenbacher oracle in the TLS RSA key exchange bsc1208143. - FIPS: Make the...

Fedora 36 : openssl (2023-a5564c0a3f)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a5564c0a3f advisory. Rebase to upstream version 3.0.8 Resolves: CVE-2022-4203 Resolves: CVE-2022-4304 Resolves: CVE-2022-4450 Resolves: CVE-2023-0215 Resolves:...

K40812100: OpenSSL vulnerability CVE-2021-3711

Security Advisory Description In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is...

K01413496: vCMP vulnerability CVE-2019-6632

Security Advisory Description Under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to encrypted configuration and/or UCS files...

K95463126: OpenSSL vulnerabilities CVE-2016-0703 and CVE-2016-0704

Security Advisory Description CVE-2016-0703 The getclientmasterkey function in s2srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, whic...

K13607: Hosts may generate weak RSA keys under low entropy conditions

Security Advisory Description A recent study, linked in the Supplemental Information section, has revealed that when a system generates new RSA keys under low-entropy conditions, such as during the first system boot, the resulting keys may not be cryptographically strong. During its first boot, t...

K16139: OpenSSL vulnerability CVE-2015-0204

Security Advisory Description The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORTRSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a...