6 matches found
JLSEC-2025-232 Side channel in RSA key generation and operations (SSBleed, M-Step)
Vulnerability Mbed TLS's modular inversion routine and GCD routine are vulnerable to local timing attacks in a number of settings discussed below. These functions are used in RSA, making the following operations vulnerable in all configurations: - RSA key generation with any API mbedtlsrsagenkey...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989804)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989804 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990291)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990291 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that...
PT-2025-34839 · Unknown · Editso Fuso
Name of the Vulnerable Software and Affected Versions: editso fuso versions up to 1.0.4-beta.7 Description: A flaw exists due to inadequate encryption strength caused by the manipulation of the priv key argument within the PenetrateRsaAndAesHandshake function located in the...
SUSE-SU-2025:02229-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management bsc1245311. - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. - CVE-2025-4878: Fixed use of uninitialized variable in...
MatrixSSL pstm_exptmod Function Miscalculation Vulnerability
INSIDE Secure MatrixSSL is an embedded, open source SSLv3 stack from INSIDE Secure, France, designed for small applications and devices. The pstmexptmod in MatrixSSL inputs incorrect results for certain parameters, causing the associated cryptographic functions to fail to handle the private key...