Red Hat: CVE-2023-52323: pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex (Multiple Advisories)
5
(AV:N/AC:H/Au:N/C:C/I:N/A:N)
01/05/2024
03/07/2024
03/06/2024
05/23/2024
Description
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
Solution(s)
- redhat-upgrade-fence-agents-aliyun
- redhat-upgrade-fence-agents-aliyun-debuginfo
- redhat-upgrade-fence-agents-all
- redhat-upgrade-fence-agents-amt-ws
- redhat-upgrade-fence-agents-apc
- redhat-upgrade-fence-agents-apc-snmp
- redhat-upgrade-fence-agents-aws
- redhat-upgrade-fence-agents-azure-arm
- redhat-upgrade-fence-agents-bladecenter
- redhat-upgrade-fence-agents-brocade
- redhat-upgrade-fence-agents-cisco-mds
- redhat-upgrade-fence-agents-cisco-ucs
- redhat-upgrade-fence-agents-common
- redhat-upgrade-fence-agents-compute
- redhat-upgrade-fence-agents-debuginfo
- redhat-upgrade-fence-agents-debugsource
- redhat-upgrade-fence-agents-drac5
- redhat-upgrade-fence-agents-eaton-snmp
- redhat-upgrade-fence-agents-emerson
- redhat-upgrade-fence-agents-eps
- redhat-upgrade-fence-agents-gce
- redhat-upgrade-fence-agents-heuristics-ping
- redhat-upgrade-fence-agents-hpblade
- redhat-upgrade-fence-agents-ibm-powervs
- redhat-upgrade-fence-agents-ibm-vpc
- redhat-upgrade-fence-agents-ibmblade
- redhat-upgrade-fence-agents-ifmib
- redhat-upgrade-fence-agents-ilo-moonshot
- redhat-upgrade-fence-agents-ilo-mp
- redhat-upgrade-fence-agents-ilo-ssh
- redhat-upgrade-fence-agents-ilo2
- redhat-upgrade-fence-agents-intelmodular
- redhat-upgrade-fence-agents-ipdu
- redhat-upgrade-fence-agents-ipmilan
- redhat-upgrade-fence-agents-kdump
- redhat-upgrade-fence-agents-kdump-debuginfo
- redhat-upgrade-fence-agents-kubevirt
- redhat-upgrade-fence-agents-kubevirt-debuginfo
- redhat-upgrade-fence-agents-lpar
- redhat-upgrade-fence-agents-mpath
- redhat-upgrade-fence-agents-openstack
- redhat-upgrade-fence-agents-redfish
- redhat-upgrade-fence-agents-rhevm
- redhat-upgrade-fence-agents-rsa
- redhat-upgrade-fence-agents-rsb
- redhat-upgrade-fence-agents-sbd
- redhat-upgrade-fence-agents-scsi
- redhat-upgrade-fence-agents-virsh
- redhat-upgrade-fence-agents-vmware-rest
- redhat-upgrade-fence-agents-vmware-soap
- redhat-upgrade-fence-agents-wti
- redhat-upgrade-fence-agents-zvm
- redhat-upgrade-fence-virt
- redhat-upgrade-fence-virt-debuginfo
- redhat-upgrade-fence-virtd
- redhat-upgrade-fence-virtd-cpg
- redhat-upgrade-fence-virtd-cpg-debuginfo
- redhat-upgrade-fence-virtd-debuginfo
- redhat-upgrade-fence-virtd-libvirt
- redhat-upgrade-fence-virtd-libvirt-debuginfo
- redhat-upgrade-fence-virtd-multicast
- redhat-upgrade-fence-virtd-multicast-debuginfo
- redhat-upgrade-fence-virtd-serial
- redhat-upgrade-fence-virtd-serial-debuginfo
- redhat-upgrade-fence-virtd-tcp
- redhat-upgrade-fence-virtd-tcp-debuginfo
- redhat-upgrade-ha-cloud-support
- redhat-upgrade-ha-cloud-support-debuginfo
- redhat-upgrade-ha-openstack-support
- redhat-upgrade-ha-openstack-support-debuginfo
- redhat-upgrade-resource-agents
- redhat-upgrade-resource-agents-aliyun
- redhat-upgrade-resource-agents-aliyun-debuginfo
- redhat-upgrade-resource-agents-debuginfo
- redhat-upgrade-resource-agents-debugsource
- redhat-upgrade-resource-agents-gcp
- redhat-upgrade-resource-agents-paf
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center