RHSA-2020:4482 Red Hat Security Advisory: libgcrypt security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2016:2674 Red Hat Security Advisory: libgcrypt security update

Bulletin has no description...

RHSA-2013:1457 Red Hat Security Advisory: libgcrypt security update

Bulletin has no description...

Photon OS 3.0: Libgcrypt PHSA-2019-3.0-0036

An update of the libgcrypt package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Libgcrypt PHSA-2021-4.0-0124

An update of the libgcrypt package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0124. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 2.0: Libgcrypt PHSA-2020-2.0-0227

An update of the libgcrypt package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0227. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

OPENSUSE-SU-2024:12540-1 libgcrypt-devel-1.10.1-1.1 on GA media

These are all security issues fixed in the libgcrypt-devel-1.10.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10037-1 libgcrypt-cavs-1.7.3-1.3 on GA media

These are all security issues fixed in the libgcrypt-cavs-1.7.3-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10941-1 libgcrypt-cavs-1.9.4-1.2 on GA media

These are all security issues fixed in the libgcrypt-cavs-1.9.4-1.2 package on the GA media of openSUSE Tumbleweed...

RHEL 8 : libgcrypt (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack...

RHEL 7 : libgcrypt (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgcrypt: Use of left-to-right sliding window method allows full RSA key recovery CVE-2017-7526 -...

RHEL 5 : libgcrypt (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgcrypt: PRNG output is predictable CVE-2016-6313 - libgcrypt: Use of left-to-right sliding window meth...

RHEL 6 : gnupg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing...

RHEL 5 : gnupg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing...

RHEL 7 : gnupg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing...

RHEL 6 : libgcrypt (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgcrypt: Use of left-to-right sliding window method allows full RSA key recovery CVE-2017-7526 -...

Timing Based Side-Channel Attack

Libgcrypt is vulnerable to a timing-based side-channel attack. The vulnerability is due to the handling of RSA decryption, which may allow a remote attacker to initiate a Bleichenbacher-style attack and decrypt arbitrary RSA ciphertexts...

The vulnerability of the Libgcrypt cryptographic library lies in the insufficient protection of service data due to timing differences, allowing attackers to execute the Bleichenbacher attack or the Marvin attack.

The vulnerability of the Libgcrypt cryptographic library is related to insufficient protection of service data due to timing differences. Exploiting this vulnerability allows a remote attacker to execute a Bleichenbacher attack or a Marvin attack...

SUSE CVE-2024-2236

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts...

CVE-2024-2236

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts...