CVE-2024-2236

Medium

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a…

redhat·CWE-385·Published 2024-03-06

CVSS

5.9

EPSS

0.01

KEV

Exploits

Vendor statements (3)

cve.orgen

212 chars

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

NVDes

251 chars

Se encontró una falla de canal lateral basada en sincronización en la implementación RSA de libgcrypt. Este problema puede permitir que un atacante remoto inicie un ataque estilo Bleichenbacher, que puede conducir al descifrado de textos cifrados RSA.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.9	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Primary	cve.org	5.9	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Secondary	NVD	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N