EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-1740)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1740)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-6057

Name of the Vulnerable Software and Affected Versions GnuTLS affected versions not specified Description A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive...

Fedora: Security Advisory (FEDORA-2024-f69ecb0511)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6733-1: GnuTLS vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. CVE-2024-28834 It was...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to glibc, Golang Go , Apache HTTP, IBM GSKit-Crypto and GnuTLS packages/liberaries .

Summary IBM MQ Operator and Queue manager container images are vulnerable to glibc, Golang Go , Apache HTTP, IBM GSKit-Crypto and GnuTLS. This bulletin identifies the steps required to address these vulnerabilities. Vulnerability Details CVEID:CVE-2024-33599 DESCRIPTION: glibc is vulnerable to a...

gnutls: vulnerable to Minerva side-channel information leak

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. 'Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

gnutls: potential crash during chain building/verification

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command...

RHEL 9 : gnutls (RHSA-2024:2889)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2889 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as...

Security Bulletin: IBM Security Guardium is affected by multiple Linux Kernel vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2023-6679 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the dpllpinparentpinset function in drivers/dpll/dpllnetlink.c i...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1607)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1626)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.1 : gnutls (EulerOS-SA-2024-1607)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the...

EulerOS Virtualization 2.11.0 : gnutls (EulerOS-SA-2024-1626)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the...

SUSE: Security Advisory (SUSE-SU-2024:0638-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : gnutls (SUSE-SU-2024:0638-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0638-2 advisory. - A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the...

Rocky Linux 9 : gnutls (RLSA-2024:2570)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2570 advisory. - A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading t...

SUSE-SU-2024:0638-2 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2024-0567: Fixed an incorrect rejection of certificate chains with distributed trust bsc1218862. - CVE-2024-0553: Fixed a timing attack against the RSA-PSK key exchange, which could lead to the leakage of sensitive data bsc1218865...

RHEL 6 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant CVE-2018-10845 -...