CVE-2024-2236

ADVISORY - nist

Summary

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

EPSS Score⁠: 0.00228 (0.456)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-208⁠

Observable Timing Discrepancy

ADVISORY - redhat

CWE-208⁠

Observable Timing Discrepancy

CWE-385⁠

Covert Timing Channel

Impacted images

Advisories

NIST

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY IDCVE-2024-2236⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-208⁠

CVSS SCORE

5.9medium

Debian

CREATED

1 year ago

UPDATED

2 months ago

ADVISORY IDCVE-2024-2236⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

1 year ago

UPDATED

17 days ago

ADVISORY IDCVE-2024-2236⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Alma

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY IDALSA-2024:9404⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDALAS2023-2024-736⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY IDCVE-2024-2236⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-208⁠CWE-385⁠

CVSS SCORE

5.9medium

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2024:9404⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY IDELSA-2024-9404⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium