Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
100
security advisoryimportantsuseSUSE: 2025:01939-1 urgent: libcryptopp critical key leak resolution
* bsc#1224280 Cross-References: * CVE-2024-28285 . # Security update for libcryptopp Announcement ID: SUSE-SU-2025:01939-1 Release Date: 2025-06-13T07:20:37Z Rating: important References: * bsc#1224280 Cross-References: * CVE-2024-28285 CVSS scores: * CVE-2024-28285 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for libcryptopp fixes the following issues: * CVE-2024-28285: Fixed potential leak of secret key of ElGamal encryption via fault injection (bsc#bsc#1224280). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1939=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1939=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1939=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1939=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libcryptopp-debugsource-5.6.5-150000.1.15.1 * libcryptopp5_6_5-5.6.5-150000.1.15.1 * libcryptopp5_6_5-debuginfo-5.6.5-150000.1.15.1 * libcryptopp-devel-5.6.5-150000.1.15.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libcryptopp-debugsource-5.6.5-150000.1.15.1 * libcryptopp5_6_5-5.6.5-150000.1.15.1 * libcryptopp5_6_5-debuginfo-5.6.5-150000.1.15.1 * libcryptopp-devel-5.6.5-150000.1.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libcryptopp-debugsource-5.6.5-150000.1.15.1 * libcryptopp5_6_5-5.6.5-150000.1.15.1 * libcryptopp5_6_5-debuginfo-5.6.5-150000.1.15.1 * libcryptopp-devel-5.6.5-150000.1.15.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libcryptopp-debugsource-5.6.5-150000.1.15.1 * libcryptopp5_6_5-5.6.5-150000.1.15.1 * libcryptopp5_6_5-debuginfo-5.6.5-150000.1.15.1 * libcryptopp-devel-5.6.5-150000.1.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28285.html * https://bugzilla.suse.com/show_bug.cgi?id=1224280 . Patch addresses CVE-2024-28285 in libcryptopp on SUSE servers, resolving vulnerabilities of key exposure.. SUSE security update, libcryptopp fix, CVE-2024-28285 patch. . Severity: Important. LinuxSecurity.com Team
Jun 13, 2025
•Important
SuSE
100
security advisorysecurity issuecriticalSUSE CORE 9: 2014:0768-1 Critical: OpenSSL MITM Issue And Key Leak
An update that solves two vulnerabilities and has one An update that solves two vulnerabilities and has one An update that solves two vulnerabilities and has one errata is now available. errata is now available.. SUSE Security Update: Security update for OpenSSL ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0768-1 Rating: critical References: #459468 #489641 #880891 Cross-References: CVE-2011-4354 CVE-2014-0224 Affected Products: SUSE CORE 9 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: OpenSSL was updated to fix the following security vulnerabilities: * SSL/TLS MITM vulnerability. (CVE-2014-0224) * ECC private key can leak on 32 bit platforms. (CVE-2011-4354) Further information can be found at . Security Issues references: * CVE-2014-0224 * CVE-2011-4354 Package List: - SUSE CORE 9 (i586 s390 s390x x86_64): openssl-0.9.7d-15.50 openssl-devel-0.9.7d-15.50 openssl-doc-0.9.7d-15.50 - SUSE CORE 9 (x86_64): openssl-32bit-9-201406041231 openssl-devel-32bit-9-201406041231 - SUSE CORE 9 (s390x): openssl-32bit-9-201406060130 openssl-devel-32bit-9-201406060130 References: https://www.suse.com/security/cve/CVE-2011-4354.html https://www.suse.com/security/cve/CVE-2014-0224.html https://scc.suse.com:443/patches/ . SUSE Security Update for OpenSSL addresses severe vulnerabilities, such as a potential MAN-IN-THE-MIDDLE exploit and unintentional exposure of ECC private keys.. OpenSSL Update,SUSE Security Advisory,MITM Vulnerability,Security Fix. . Severity: Critical. LinuxSecurity.com Team
Jun 07, 2014
•Critical
SuSE
98
security advisorymoderatesecurity issueRed Hat: RHSA-2006:0132-01 Moderate Security Issue with dm-crypt Key Leak
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the third regular update. This update has been rated as having moderate security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated kernel packages available for Red Hat Enterprise Linux 4 Update 3 Advisory ID: RHSA-2006:0132-01 Advisory URL: https://access.redhat.com/errata/RHSA-2006:0132.html Issue date: 2006-03-07 Updated on: 2006-03-07 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-0095 - ---------------------------------------------------------------------1. Summary: Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the third regular update. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. This is the third regular kernel update to Red Hat Enterprise Linux 4. New features introduced in this update include: - - Open InfiniBand (OpenIB) support - - Serial Attached SCSI support - - NFS access control lists, asynchronous I/O - - IA64 multi-core support and sgi updates - - Large SMP CPU limits increased using the largesmp kernel: Up to 512 CPUs in ia64, 128 in ppc64, and 64 in AMD64 and Intel EM64T - - Improved read-ahead performance - - Common Internet File System (CIFS) update - -Device mapper mirroring - - Error Detection and Correction (EDAC) modules - - Unisys support There were several bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 4. The following security bug was fixed in this update: - - dm-crypt did not clear a structure before freeing it, which could allow local users to discover information about cryptographic keys (CVE-2006-0095) The following device drivers have been upgraded to new versions: cciss: 2.6.8 to 2.6.8-rh1 ipmi_devintf: 33.4 to 33.11 ipmi_msghandler: 33.4 to 33.11 ipmi_poweroff: 33.4 to 33.11 ipmi_si: 33.4 to 33.11 ipmi_watchdog: 33.4 to 33.11 mptbase: 3.02.18 to 3.02.60.01rh e1000: 6.0.54-k2-NAPI to 6.1.16-k2-NAPI ixgb: 1.0.95-k2-NAPI to 1.0.100-k2-NAPI tg3: 3.27-rh to 3.43-rh aacraid: 1.1.2-lk2 to 1.1-5[2412] ahci: 1.01 to 1.2 ata_piix: 1.03 to 1.05 iscsi_sfnet: 4:0.1.11-1 to 4:0.1.11-2 libata: 1.11 to 1.20 qla2100: 8.01.00b5-rh2 to 8.01.02-d3 qla2200: 8.01.00b5-rh2 to 8.01.02-d3 qla2300: 8.01.00b5-rh2 to 8.01.02-d3 qla2322: 8.01.00b5-rh2 to 8.01.02-d3 qla2xxx: 8.01.00b5-rh2 to 8.01.02-d3 qla6312: 8.01.00b5-rh2 to 8.01.02-d3 sata_nv: 0.6 to 0.8 sata_promise: 1.01 to 1.03 sata_svw: 1.06 to 1.07 sata_sx4: 0.7 to 0.8 sata_vsc: 1.0 to 1.1 cifs: 1.20 to 1.34 Added drivers: bnx2: 1.4.25 dell_rbu: 0.7 hangcheck-timer: 0.9.0 ib_mthca: 0.06 megaraid_sas: 00.00.02.00 qla2400: 8.01.02-d3 typhoon: 1.5.7 All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date Forinformation on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 108616 - RHEL4 (IPF): Support for Additional function in Intel's Monticeto processor (HW) 108827 - RHEL4: Infiniband support 131889 - RHEL4 U2: SATA ATAPI support (including ESB2) 139949 - sym driver creates voluminous /var/log/messages entries 141699 - FEAT: RHEL 4 U3: ia64 needs hint@pause in spinloop 141851 - spin loops on both ia32 and ia32e need cpu_relax 144477 - bonding mode=6 + dhcp doesn't work correctly 144703 - ia32 apps that are not large file aware can access files > = 4GB 145061 - SMART support in SATA driver (P1) 149294 - qlogic fabric rediscovery functionality missing 150893 - On few Nocona based platforms, acpi-cpufreq driver assumes the wrong CPU freq at boot time 151549 - RHEL 4 Kernel does not provide ACL support over NFS 152036 - Amanda hangs on backup in case of ip_conntrack_amanda is used (RHEL4) 153971 - large usb flash drive require reboot to mount more than once 154387 - umount fails on nfs server side when nfs client does heavy io 155017 - Unisys' x86_64 ES7000 loses legacy devices during boot when using latest ES7000 platform code 156437 - Writing large file to 1TB ext3 volume sometimes very slow 156602 - SCTP memory consumption, additional fixes 156785 - Missing SHUTDOWN notification with SCTP stream socket 157241 - [RHEL4-U3] PCI Hotplug - Slot powered off after enabling 157586 - ES7000 systems won't boot with large configuration 159869 - Diskdump fails through ipr driver 160308 - USB Key stops working after upgrade to U1 160844 - dangling POSIX locks after close 161101 - Assertion failure in journal_commit_transaction() at fs/jbd/commit.c:790: "jh-> b_next_transaction == ((void *)0)" 161362 - Oracle Hangs with directio and aio using NFS 161597 - sysfs_remove_dir()de-references NULL pointer 161617 - RHEL4 Panics at smp_apic_timer_interrupt 161846 - Problem with b44: SIOCSIFFLAGS: Cannot allocate memory 162094 - read() with count > 0xffffffff panics kernel at fs/direct-io.c:886 162731 - [RHEL4] 'getpriority/setpriority' broken with PRIO_USER, who=0 162732 - io_cancel doesn't work properly 162759 - System occasionally experienced system hangs. 162814 - Assertion failure in log_do_checkpoint 163150 - request backport of fc transport class HBA port_id for dm-multipath 163738 - Kernel PANIC - not syncing: fatal exception 163741 - qetharp 'Operation not supported' on non-layer2 guestlan 164298 - PANIC at rpc_wake_up_status 164547 - Bug in IPv6 address adding error path 165018 - Bonding driver fails to switch to backup link 165092 - Bugs in kernel key managment syscall interface 165154 - Bad order for release_region in error exit from i810_probe 165741 - acct does not have Large File Support 165744 - 2.6: /sbin/service iptables stop hangs on modprobe -r ipt_state 165959 - NFS/RPC - timestamp conversion is wrong 166454 - rpmbuild --rebuild glibc-2.3.4-2.12.src.rpm hangs (same problem with glibc-2.3.4-2.9.src.rpm) 166524 - Erratic behaviour when system fd limit reached 166544 - 2.6.9-16.ELsmp null pointer dereference in __bounce_end_io_read on x86_64 166589 - mount/umount can cause the block device reads to fail 166880 - [RHEL4 U1] OOPS removing ahci driver 167115 - [RHEL4 U1] Bonding driver does not switch to backup interface upon active interface failure under heavy UDP traffic 167192 - NFSv3 locking misses important kernel patches 167211 - RHEL4 Panic in __wake_up_common (networking) 167630 - Multicast domain membership doesn't follow bonding failover 167634 - RHEL4 __copy_user breaks on unaligned src 167645 - RHEL4 U2 performance regression running enterprise workload 167730 - FEAT RHEL4 U3: 10GigE Neterion Driver Update (S2io) 167731 - [RHEL4] hangcheck-timer not compiled in RHEL4 on IA64 167907 - SCTP association restart problem, possiblebackport 168090 - ipmi_poweroff driver update for Dell
Mar 07, 2006
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!