CVE-2024-0914 – Opencryptoki: timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin)
https://notcve.org/view.php?id=CVE-2024-0914
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
References:
https://access.redhat.com/errata/RHSA-2024:1239
https://access.redhat.com/errata/RHSA-2024:1411
https://access.redhat.com/errata/RHSA-2024:1608
https://access.redhat.com/errata/RHSA-2024:1856
https://access.redhat.com/errata/RHSA-2024:1992
https://access.redhat.com/security/cve/CVE-2024-0914
https://bugzilla.redhat.com/show_bug.cgi?id=2260407
https://people.redhat.com/~hkario/marvin
CWE-203: Observable Discrepancy
CVE-2024-0564 – Kernel: max page sharing of Kernel Samepage Merging (KSM) may cause memory deduplication
https://notcve.org/view.php?id=CVE-2024-0564
A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is "max page sharing=256", it is possible for the attacker to time the unmap to merge with the victim's page. The unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond the KSM's "max page share". Through these operations, the attacker can leak the victim's page.
References:
https://access.redhat.com/security/cve/CVE-2024-0564
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1680513
https://bugzilla.redhat.com/show_bug.cgi?id=2258514
https://link.springer.com/conference/wisa
https://wisa.or.kr/accepted
CWE-203: Observable Discrepancy
CVE-2023-40551 – Shim: out-of-bounds read when parsing MZ binaries
https://notcve.org/view.php?id=CVE-2023-40551
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
References:
https://access.redhat.com/errata/RHSA-2024:1834
https://access.redhat.com/errata/RHSA-2024:1835
https://access.redhat.com/errata/RHSA-2024:1873
https://access.redhat.com/errata/RHSA-2024:1876
https://access.redhat.com/errata/RHSA-2024:1883
https://access.redhat.com/errata/RHSA-2024:1902
https://access.redhat.com/errata/RHSA-2024:1903
https://access.redhat.com/errata/RHSA-2024:1959
https://access.redhat.com/errata/RHSA-2024:2086
https://access.redhat.com/security/cve
CWE-125: Out-of-bounds Read
CVE-2023-40546 – Shim: out-of-bounds read printing error messages
https://notcve.org/view.php?id=CVE-2023-40546
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.
References:
https://access.redhat.com/errata/RHSA-2024:1834
https://access.redhat.com/errata/RHSA-2024:1835
https://access.redhat.com/errata/RHSA-2024:1873
https://access.redhat.com/errata/RHSA-2024:1876
https://access.redhat.com/errata/RHSA-2024:1883
https://access.redhat.com/errata/RHSA-2024:1902
https://access.redhat.com/errata/RHSA-2024:1903
https://access.redhat.com/errata/RHSA-2024:1959
https://access.redhat.com/errata/RHSA-2024:2086
https://access.redhat.com/security/cve
CWE-476: NULL Pointer Dereference
CVE-2023-40549 – Shim: out-of-bounds read in verify_buffer_authenticode() malformed PE file
https://notcve.org/view.php?id=CVE-2023-40549
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
References:
https://access.redhat.com/errata/RHSA-2024:1834
https://access.redhat.com/errata/RHSA-2024:1835
https://access.redhat.com/errata/RHSA-2024:1873
https://access.redhat.com/errata/RHSA-2024:1876
https://access.redhat.com/errata/RHSA-2024:1883
https://access.redhat.com/errata/RHSA-2024:1902
https://access.redhat.com/errata/RHSA-2024:1903
https://access.redhat.com/errata/RHSA-2024:1959
https://access.redhat.com/errata/RHSA-2024:2086
https://access.redhat.com/security/cve
CWE-125: Out-of-bounds Read