CVE-2024-2236
ADVISORY - ubuntuSummary
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
EPSS Score: 0.00196 (0.422)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Observable Timing Discrepancy
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2024-2236
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/Alow| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| ubuntu/libgcrypt20 | deb | ubuntu | 22.04 | >=0 | Not yet available |
| ubuntu/libgcrypt11 | deb | ubuntu | 14.04 | >=0 | Not yet available |
| ubuntu/libgcrypt20 | deb | ubuntu | 24.04 | >=0 | Not yet available |
| ubuntu/libgcrypt20 | deb | ubuntu | 23.10 | >=0 | Not yet available |
| ubuntu/libgcrypt20 | deb | ubuntu | 24.10 | >=0 | Not yet available |
| ubuntu/libgcrypt20 | deb | ubuntu | 20.04 | >=0 | Not yet available |
| ubuntu/libgcrypt20 | deb | ubuntu | 25.04 | >=0 | Not yet available |
Severity and metrics
No CVSS data available from this advisory.
NIST
CREATED
UPDATED
ADVISORY IDCVE-2024-2236
EXPLOITABILITY SCORE
2.2
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.9mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2024-2236
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowAlma
CREATED
UPDATED
ADVISORY IDALSA-2024:9404
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2023-2024-736
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumRed Hat
CVSS SCORE
5.9mediumRocky
CREATED
UPDATED
ADVISORY IDRLSA-2024:9404
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowOracle
CREATED
UPDATED
ADVISORY IDELSA-2024-9404
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-