Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":1,"type":"x","order":1,"pct":25,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":1,"type":"x","order":2,"pct":25,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":2,"type":"x","order":3,"pct":50,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
203

Mageia 6: 2018-0435 Critical: GnuTLS HMAC-SHA Timing Attack Mitigation

The updated packages fix security vulnerabilities: It was found that the GnuTLS implementation of HMAC-SHA-256 and HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and . MGASA-2018-0435 - Updated gnutls packages fix security vulnerabilities Publication date: 03 Nov 2018 URL: https://advisories.mageia.org/MGASA-2018-0435.html Type: security Affected Mageia releases: 6 CVE: CVE-2018-10844, CVE-2018-10845, CVE-2018-10846 The updated packages fix security vulnerabilities: It was found that the GnuTLS implementation of HMAC-SHA-256 and HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets (CVE-2018-10844, CVE-2018-10845). A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets (CVE-2018-10846). References: - https://bugs.mageia.org/show_bug.cgi?id=23682 - - - https://www.cve.org/CVERecord?id=CVE-2018-10844 - https://www.cve.org/CVERecord?id=CVE-2018-10845 - https://www.cve.org/CVERecord?id=CVE-2018-10846 SRPMS: - 6/core/gnutls-3.5.13-1.1.mga6 . Mageia users can now benefit from updated gnutls packages that address significant vulnerabilities, including potential timing attack threats.. GnuTLS Update,Mageia Security,Remote Attack Prevention. . LinuxSecurity.com Team

Calendar%202 Nov 03, 2018 Mageia
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":1,"type":"x","order":1,"pct":25,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":1,"type":"x","order":2,"pct":25,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":2,"type":"x","order":3,"pct":50,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200