CVE-2023-6240

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-6240

Severity

6.5

Medium

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-6240
https://github.com/advisories/GHSA-5gvr-285q-pwc3
https://access.redhat.com/errata/RHSA-2024:1881
https://access.redhat.com/errata/RHSA-2024:1882
https://access.redhat.com/errata/RHSA-2024:2758
https://access.redhat.com/errata/RHSA-2024:3414
https://access.redhat.com/errata/RHSA-2024:3421
https://access.redhat.com/errata/RHSA-2024:3618
https://access.redhat.com/errata/RHSA-2024:3627
https://access.redhat.com/security/cve/CVE-2023-6240
https://people.redhat.com/~hkario/marvin/
https://security.netapp.com/advisory/ntap-20240628-0002/
https://securitypitfalls.wordpress.com/2023/10/16/experiment-with-side-channel-attacks-yourself/
https://bugzilla.redhat.com/show_bug.cgi?id=2250843

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2023-6240

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company