Описание
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 14-2 |
| esm-apps/bionic | released | 6-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 7-1ubuntu0.2 |
| esm-apps/jammy | released | 11-1ubuntu0.1 |
| focal | released | 7-1ubuntu0.2 |
| jammy | released | 11-1ubuntu0.1 |
| kinetic | ignored | end of life, was needed |
| lunar | released | 11-2ubuntu0.1 |
| mantic | not-affected | 14-2 |
Показывать по
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.
A race condition exists in the Tang server functionality for key gener ...
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.
ELSA-2023-7022: tang security and bug fix update (MODERATE)
EPSS
5.3 Medium
CVSS3