Discovery API Icon
Discovery API
Security Advisory Icon
Security Advisory
Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2024-2236

Published: March 7, 2024Last modified: July 22, 2025

Description

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

Severity score breakdown

ParameterValue
Base score5.9
Attack VectorNETWORK
Attack complexityHIGH
Privileges requiredNONE
User interactionNONE
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactNONE
Availability impactNONE
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlibgcryptVulnerable (1.10.1-r0)
StreamlibgcryptVulnerable (1.10.1-r0)
Hardened Containers23 LTSlibgcryptVulnerable (1.10.1-r0)

References

ON THIS PAGE