2 matches found
The vulnerability of the lib/utils/donna128.h component of the Botan cryptographic library, related to information disclosure due to incompatibilities, allows attackers to gain access to confidential data.
The vulnerability of the lib/utils/donna128.h component in the Botan cryptographic library is related to the exposure of information through incompatibility. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential data...
UBUNTU-CVE-2024-50383
Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...