A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2024-01-31T04:53:28.508Z
Updated: 2024-05-01T20:21:49.596Z
Reserved: 2024-01-25T22:28:25.811Z
Link: CVE-2024-0914
JSON object: View
NVD Information
Status : Modified
Published: 2024-01-31T05:15:08.137
Modified: 2024-04-25T17:15:47.280
Link: CVE-2024-0914
JSON object: View
Redhat Information
No data.
CWE