SUSE-FU-2026:21213-1 Feature update for libgcrypt, libgpg-error

This update for libgcrypt, libgpg-error fixes the following issues: Update libgcrypt to 1.12.1 jscPED-15059: New and extended interfaces: - Allow access to the FIPS service indicator via the new GCRYCTLFIPSSERVICEINDICATOR control code. - Make SHA-1 non-FIPS internally for the 1.12 API - Add...

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libgcrypt: libgcrypt-1.12.2-1.hum1 aarch64, x8664 libgcrypt-devel-1.12.2-1.hum1 aarch64, x8664 libgcrypt-1.12.2-1.hum1.src src...

Security Bulletin: Multiple Vulnerabilities in Hyper Converged Database

Summary Multiple vulnerabilities were addressed in Hyper Converged Database version 1.2.4 coming for base Docker images. Vulnerability Details CVEID:CVE-2019-12904 DESCRIPTION: In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical...

MiracleLinux 9 : libgcrypt-1.10.0-11.el9 (AXSA:2024-9141:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9141:01 advisory. libgcrypt: vulnerable to Marvin Attack CVE-2024-2236 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : libgcrypt-1.8.5-6.el8 (AXSA:2021-2604:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2604:02 advisory. libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpipowm CVE-2021-33560 Tenable has...

MiracleLinux 8 : libgcrypt-1.8.5-7.el8 (AXSA:2022-3676:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3676:01 advisory. libgcrypt: ElGamal implementation allows plaintext recovery CVE-2021-40528 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 8 : libgcrypt-1.8.5-4.el8 (AXSA:2020-1018:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-1018:01 advisory. libgcrypt: ECDSA timing attack allowing private key leak CVE-2019-13627 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 3 : libgcrypt-1.4.4-7.AXS3 (AXSA:2013-678:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-678:01 advisory. Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. Security issues fixed with this...

MiracleLinux 4 : libgcrypt-1.4.5-12.AXS4 (AXSA:2016-863:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-863:01 advisory. Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. Security issues fixed with this...

MiracleLinux 7 : libgcrypt-1.5.3-13.el7.1 (AXSA:2016-862:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-862:01 advisory. Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. Security issues fixed with this...

MiracleLinux 4 : libgcrypt-1.4.5-11.AXS4 (AXSA:2014-002:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-002:01 advisory. Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. Security issues fixed with this...

EulerOS 2.0 SP12 : libssh (EulerOS-SA-2026-1073)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free...

gcrypt-p256-malleability-poc

libgcrypt p256 signature malleability proof-of-concept explo...

CVE-2024-2236 vulnerabilities

Vulnerabilities for packages: libgcrypt...

GHSA-W2GX-4FH8-WM9F vulnerabilities

Vulnerabilities for packages: libgcrypt...

GHSA-W2GX-4FH8-WM9F vulnerabilities

Vulnerabilities for packages: libgcrypt...

CVE-2024-2236 vulnerabilities

Vulnerabilities for packages: libgcrypt...

SUSE SLES15 Security Update : libgcrypt (SUSE-SU-2025:02773-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02773-1 advisory. - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Tenable has...

TencentOS Server 4: libgcrypt (TSSA-2024:0963)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0963 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Siemens SIMATIC S7-1500 Observable Timing Discrepancy (CVE-2024-2236)

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. This plugin only works with Tenable.ot. Please visit...