CVE-2023-6258: Pkcs11-provider: side-channel proofing pkcs#1 1.5 paths
First published: Wed Nov 22 2023(Updated: )
A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards (PKCS#11). If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS#1 1.5 decryption.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/pkcs11-provider | <0.2 | 0.2 |
| Latchset Pkcs11-provider | =0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/title
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-6258
- agent/software-canonical-lookup
- agent/references
- agent/description
- agent/first-publish-date
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/latchset
- canonical/latchset pkcs11-provider
- version/latchset pkcs11-provider/0.1