CVE-2024-2236

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-2236

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2236.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-2236

Downstream

BELL-CVE-2024-2236

DEBIAN-CVE-2024-2236

ECHO-6c46-a151-cc7a

RHSA-2024:9404

RHSA-2025:3530

RHSA-2025:3534

RLSA-2024:9404

ROOT-OS-DEBIAN-12-CVE-2024-2236

ROOT-OS-UBUNTU-2204-CVE-2024-2236

SUSE-SU-2025:02447-1

SUSE-SU-2025:02464-1

SUSE-SU-2025:02464-2

SUSE-SU-2025:02719-1

SUSE-SU-2025:02752-1

SUSE-SU-2025:02756-1

SUSE-SU-2025:02773-1

SUSE-SU-2025:20490-1

SUSE-SU-2025:20538-1

UBUNTU-CVE-2024-2236

openSUSE-SU-2025:15239-1

Related

Withdrawn

2026-01-27T04:19:35.087315Z

Published

2024-03-06T22:15:57Z

Modified

2026-03-12T02:14:21.445883914Z

Summary

[none]

Details

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

References

Affected packages