Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2024-0108

Опубликовано: 10 янв. 2024
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2024-0108: nss security update (MODERATE)

[3.90.0-4]

  • CVE-2023-5388 nss: timing attack against RSA decryption. Make the final blinding multmod constant time.

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

nspr

4.35.0-4.el9_3

nspr-devel

4.35.0-4.el9_3

nss

3.90.0-4.el9_3

nss-devel

3.90.0-4.el9_3

nss-softokn

3.90.0-4.el9_3

nss-softokn-devel

3.90.0-4.el9_3

nss-softokn-freebl

3.90.0-4.el9_3

nss-softokn-freebl-devel

3.90.0-4.el9_3

nss-sysinit

3.90.0-4.el9_3

nss-tools

3.90.0-4.el9_3

nss-util

3.90.0-4.el9_3

nss-util-devel

3.90.0-4.el9_3

Oracle Linux x86_64

nspr

4.35.0-4.el9_3

nspr-devel

4.35.0-4.el9_3

nss

3.90.0-4.el9_3

nss-devel

3.90.0-4.el9_3

nss-softokn

3.90.0-4.el9_3

nss-softokn-devel

3.90.0-4.el9_3

nss-softokn-freebl

3.90.0-4.el9_3

nss-softokn-freebl-devel

3.90.0-4.el9_3

nss-sysinit

3.90.0-4.el9_3

nss-tools

3.90.0-4.el9_3

nss-util

3.90.0-4.el9_3

nss-util-devel

3.90.0-4.el9_3

Связанные CVE

CVE-2023-5388

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2023-5388

CVSS3: 6.5
ubuntu
больше 1 года назад

NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

redhat логотип

CVE-2023-5388

CVSS3: 6.5
redhat
больше 1 года назад

NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

nvd логотип

CVE-2023-5388

CVSS3: 6.5
nvd
больше 1 года назад

NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

debian логотип

CVE-2023-5388

CVSS3: 6.5
debian
больше 1 года назад

NSS was susceptible to a timing side-channel attack when performing RS ...

suse-cvrf логотип

SUSE-SU-2024:2600-1

suse-cvrf
11 месяцев назад

Security update for mozilla-nss