Описание
Security update for libcryptopp
This update for libcryptopp fixes the following issues:
- CVE-2024-28285: Fixed potential leak of secret key of ElGamal encryption via fault injection (bsc#1224280)
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise Server 15 SP4-LTSS
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise Server 15 SP5-LTSS
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP5
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Manager Proxy 4.3
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Manager Server 4.3
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
openSUSE Leap 15.6
libcryptopp-devel-8.6.0-150400.3.9.1
libcryptopp8_6_0-8.6.0-150400.3.9.1
libcryptopp8_6_0-32bit-8.6.0-150400.3.9.1
Ссылки
- Link for SUSE-SU-2025:01816-1
- E-Mail link for SUSE-SU-2025:01816-1
- SUSE Security Ratings
- SUSE Bug 1224280
- SUSE CVE CVE-2024-28285 page
Описание
A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate privileges.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcryptopp-devel-8.6.0-150400.3.9.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libcryptopp8_6_0-8.6.0-150400.3.9.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcryptopp-devel-8.6.0-150400.3.9.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libcryptopp8_6_0-8.6.0-150400.3.9.1
Ссылки
- CVE-2024-28285
- SUSE Bug 1224280