{"id":"CVE-2024-0914","details":"A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.","modified":"2026-03-15T22:48:10.341374Z","published":"2024-01-31T05:15:08.137Z","related":["ALSA-2024:1239","ALSA-2024:1608","MGASA-2024-0152","SUSE-SU-2024:1447-1","SUSE-SU-2024:2298-1","openSUSE-SU-2024:14195-1"],"references":[{"type":"ADVISORY","url":"https://people.redhat.com/~hkario/marvin/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:1239"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:1411"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:1608"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:1856"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:1992"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2024-0914"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2260407"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opencryptoki/opencryptoki","events":[{"introduced":"0"},{"fixed":"32ab06ccecc9961fa8b6c73ba5e268df379375d4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3.23.0"}]}}],"versions":["v2.3.2","v2.3.3","v2.4.3","v2.4.3.1","v3.0","v3.1","v3.10.0","v3.11.0","v3.11.1","v3.12.0","v3.12.1","v3.13.0","v3.14.0","v3.15.0","v3.15.1","v3.16.0","v3.17.0","v3.18.0","v3.19.0","v3.2","v3.20.0","v3.21.0","v3.22.0","v3.3","v3.4","v3.4.1","v3.5","v3.6","v3.6.1","v3.6.2","v3.7.0","v3.8.0","v3.8.1","v3.8.2","v3.9.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-0914.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}