CVE-2024-2236
Published: 6 March 2024
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Notes
Author | Note |
---|---|
mdeslaur | No upstream fix for this issue as of 2024-04-15 |
Priority
Status
Package | Release | Status |
---|---|---|
libgcrypt11 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Deferred
(2024-04-15)
|
|
upstream |
Needs triage
|
|
libgcrypt20 Launchpad, Ubuntu, Debian |
bionic |
Deferred
(2024-04-15)
|
focal |
Deferred
(2024-04-15)
|
|
jammy |
Deferred
(2024-04-15)
|
|
mantic |
Deferred
(2024-04-15)
|
|
upstream |
Needs triage
|
|
xenial |
Deferred
(2024-04-15)
|