VDB

GCVE-110-MAGEIA-2024-152

GCVE-110-MAGEIA-2024-152
Advisory Published
Vulnetix · Advisory published April 27, 2024
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. (CVE-2024-0914)

Affected Products

VendorProductVersionsPlatforms
Mageiaopencryptoki0 (affected), 3.23.0-1.1.mga9 (unaffected), 0 (affected), 3.23.0-1.1.mga9 (unaffected)
Mageialilypond0 (affected), 2.24.3-1.mga9 (unaffected)

Browse GCVE Records

72,921 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›