Linux Distros Unpatched Vulnerability : CVE-2019-12904

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other...

Linux Distros Unpatched Vulnerability : CVE-2018-0495

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding...

Linux Distros Unpatched Vulnerability : CVE-2016-6313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier...

Linux Distros Unpatched Vulnerability : CVE-2014-5270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it...

CLSA-2025-1736859209 libgcrypt: Fix of CVE-2024-2236

CVE-2024-2236: fix timing-based side-channel vulnerability in RSA implementation...

PT-2025-36723

Name of the Vulnerable Software and Affected Versions: libssh affected versions not specified Description: A memory exhaustion issue exists in libssh’s handling of key exchange KEX processes. When a client repeatedly sends incorrect KEX guesses, the library fails to free memory during rekey...

Oracle Linux 9 : libgcrypt (ELSA-2024-9404)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9404 advisory. 1.10.0-11 - Fix CVE-2024-2236 RHEL-34579 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

Fedora 41 : mingw-libgcrypt (2024-9764fc1fc9)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9764fc1fc9 advisory. Automatic update for mingw-libgcrypt-1.10.3-1.fc41. Changelog Fri Mar 8 2024 Richard W.M. Jones - 1.10.3-1 - Rebase to libgcrypt 1.10.3 to match Fedora...

libgcrypt security update

1.10.0-11 - Fix CVE-2024-2236 RHEL-34579...

RHSA-2024:9404 Red Hat Security Advisory: libgcrypt security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: libgcrypt security update

An update for libgcrypt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

libgcrypt: vulnerable to Marvin Attack

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts...

ALSA-2024:9404 Moderate: libgcrypt security update

The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fixes: libgcrypt: vulnerable to Marvin Attack CVE-2024-2236 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

RHEL 9 : libgcrypt (RHSA-2024:9404)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9404 advisory. The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fixes: libgcrypt: vulnerable to Marvin...

Moderate: libgcrypt security update

The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fixes: libgcrypt: vulnerable to Marvin Attack CVE-2024-2236 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

Medium: libgcrypt

Issue Overview: A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. CVE-2024-2236 Affected Packages: libgcrypt Issue Correction: Run dnf...

Medium: libgcrypt

Issue Overview: A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. CVE-2024-2236 Affected Packages: libgcrypt Issue Correction: Run dnf...

Amazon Linux 2023 : libgcrypt, libgcrypt-devel (ALAS2023-2024-736)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-736 advisory. A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA...

RHSA-2022:5311 Red Hat Security Advisory: libgcrypt security update

Bulletin has no description...

RHSA-2021:4409 Red Hat Security Advisory: libgcrypt security and bug fix update

Bulletin has no description...