PT-2024-1598 · Linux+5 · Linux Kernel+5

Rohit Keshri

Published

2023-09-25

Updated

2026-03-14

CVE-2023-6240

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. The vulnerability is also related to the possibility of a Bleichenbacher or Marvin attack, which could allow a remote attacker to access or impact protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Side Channel Attack

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-402CWE-203CWE-208CWE-327

Related Identifiers

ALSA-2024:2758

ALSA-2024:3618

ALSA-2024:3627

BDU:2024-01188

CESA-2024_3618

CESA-2024_3627

CVE-2023-6240

ECHO-907F-B402-B296

INFSA-2024_2758

INFSA-2024_3618

INFSA-2024_3627

RHSA-2024:1881

RHSA-2024:1882

RHSA-2024:2758

RHSA-2024:3414

RHSA-2024:3421

RHSA-2024:3618

RHSA-2024:3627

RHSA-2024_2758

RHSA-2024_3618

RHSA-2024_3627

RLSA-2024:2758

RLSA-2024:3618

RLSA-2024:3627

Affected Products

Almalinux

Centos

Debian

Linux Kernel

Red Hat

Rocky Linux

PT-2024-1598 · Linux+5 · Linux Kernel+5

CVE-2023-6240

Weakness Enumeration

Related Identifiers

Affected Products

References · 225