Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:02719-1

Опубликовано: 07 авг. 2025
Источник: suse-cvrf

Описание

Security update for libgcrypt

This update for libgcrypt fixes the following issues:

  • CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107).

Список пакетов

Container bci/bci-minimal:latest
libgcrypt20-1.11.0-150700.5.7.1
Container suse/kiosk/firefox-esr:latest
libgcrypt20-1.11.0-150700.5.7.1
Container suse/kiosk/pulseaudio:latest
libgcrypt20-1.11.0-150700.5.7.1
Container suse/kiosk/xorg-client:latest
libgcrypt20-1.11.0-150700.5.7.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
libgcrypt-devel-1.11.0-150700.5.7.1
libgcrypt20-1.11.0-150700.5.7.1
libgcrypt20-32bit-1.11.0-150700.5.7.1

Ссылки

Описание

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

Затронутые продукты
Container bci/bci-minimal:latest:libgcrypt20-1.11.0-150700.5.7.1
Container suse/kiosk/firefox-esr:latest:libgcrypt20-1.11.0-150700.5.7.1
Container suse/kiosk/pulseaudio:latest:libgcrypt20-1.11.0-150700.5.7.1
Container suse/kiosk/xorg-client:latest:libgcrypt20-1.11.0-150700.5.7.1
Ссылки