Описание
Security update for libgcrypt
This update for libgcrypt fixes the following issues:
- CVE-2024-2236: Fixed timing based side-channel in RSA implementation. (bsc#1221107)
Список пакетов
Container bci/bci-minimal:15.6
libgcrypt20-1.10.3-150600.3.9.1
Container containers/milvus:2.4
libgcrypt20-1.10.3-150600.3.9.1
Container containers/pytorch:2-nvidia
libgcrypt20-1.10.3-150600.3.9.1
Container suse/mariadb:10.11
libgcrypt20-1.10.3-150600.3.9.1
Container suse/sle15:15.6
libgcrypt20-1.10.3-150600.3.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
libgcrypt-devel-1.10.3-150600.3.9.1
libgcrypt20-1.10.3-150600.3.9.1
libgcrypt20-32bit-1.10.3-150600.3.9.1
openSUSE Leap 15.6
libgcrypt-devel-1.10.3-150600.3.9.1
libgcrypt-devel-32bit-1.10.3-150600.3.9.1
libgcrypt20-1.10.3-150600.3.9.1
libgcrypt20-32bit-1.10.3-150600.3.9.1
Ссылки
- Link for SUSE-SU-2025:02447-1
- E-Mail link for SUSE-SU-2025:02447-1
- SUSE Security Ratings
- SUSE Bug 1221107
- SUSE CVE CVE-2024-2236 page
Описание
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Затронутые продукты
Container bci/bci-minimal:15.6:libgcrypt20-1.10.3-150600.3.9.1
Container containers/milvus:2.4:libgcrypt20-1.10.3-150600.3.9.1
Container containers/pytorch:2-nvidia:libgcrypt20-1.10.3-150600.3.9.1
Container suse/mariadb:10.11:libgcrypt20-1.10.3-150600.3.9.1
Ссылки
- CVE-2024-2236
- SUSE Bug 1221107