3 matches found
OESA-2024-2480 openssl security update
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...
Covert Timing Channel
Overview Affected versions of this package are vulnerable to Covert Timing Channel via the Galois Field multiplications process. An attacker can effectively downgrade the security guarantees of the XTS mode to those of ECB mode, enabling block swapping and identification of identical blocks,...
galois_2p8 安全漏洞
Galois2p8 is a basic arithmetic library for all Gf2^8 fields by the individual developer Daniel Sweet. A security vulnerability exists in galois2p8 versions prior to 0.1.2, which stems from PrimitivePolynomialField::new having an off by one buffer overflow for vectors...