nettle-2.7.1-9.0.1.el7.AXS7
エラータID: AXSA:2025-10914:02
リリース日:
2025/10/02 Thursday - 16:28
題名:
nettle-2.7.1-9.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- nettle には、Bleichenbacher 型のパディングオラクル攻撃が可能
となる問題があるため、物理的にマシンの操作が可能な攻撃者により、
情報の漏洩を可能とする脆弱性が存在します。(CVE-2018-16869)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2018-16869
A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.
A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- nettle-2.7.1-9.0.1.el7.AXS7.i686.rpm
MD5: 75f147a4b6ac04eca195c54697d9f2d7
SHA-256: db71badae6fefd0df8ba9d8b325b45c5c3f4ce51f0e5a11c35442a77bf211ad6
Size: 332.72 kB - nettle-2.7.1-9.0.1.el7.AXS7.x86_64.rpm
MD5: ad776592dd3e17cc76d6a9a0e0ab4a92
SHA-256: 7e14ee7a778a9924b7ac1869d28a303e9866e7a54117c037b9f3471ad00c8e88
Size: 329.61 kB - nettle-devel-2.7.1-9.0.1.el7.AXS7.i686.rpm
MD5: 3c6701938d09a9131ae5d8b0707a5a9f
SHA-256: b76f0a6c8fb0b4de6e7bc0374984f2f01cfc37d3ec431fbbb3cbca1789dc0b24
Size: 471.33 kB - nettle-devel-2.7.1-9.0.1.el7.AXS7.x86_64.rpm
MD5: 9ffe58e079eb45d96a2a860430a52902
SHA-256: 8a55ca0e383bbe75d9afb815cae6e2d0f9beaee93bfe5a0d408cdabf503314a2
Size: 471.30 kB
English