VDB

GCVE-110-MAGEIA-2014-165

GCVE-110-MAGEIA-2014-165
Advisory Published
Vulnetix · Advisory published April 8, 2014
Updated openssl packages fix security vulnerability: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). A missing bounds check in the handling of the TLS heartbeat extension in OpenSSL through 1.0.1f can be used to reveal up to 64k of memory to a connected client or server (CVE-2014-0160).

Affected Products

VendorProductVersionsPlatforms
Mageiamonodevelop0 (affected), 4.0.14-1.mga4 (unaffected)
Mageiaopenssl0 (affected), 1.0.1e-8.2.mga4 (unaffected), 0 (affected), 1.0.1e-8.2.mga4 (unaffected)
Mageiamonodevelop-debugger-gdb0 (affected), 4.0.14-1.mga4 (unaffected)
Mageiaopenssl1.0.1e-1.5.mga3 (unaffected), 0 (affected), 0 (affected), 1.0.1e-1.5.mga3 (unaffected)
Mageiamonodevelop-database0 (affected), 4.0.14-1.mga4 (unaffected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›