|
|
Subscribe / Log in / New account

libtomcrypt: signature forgery

Package(s):libtomcrypt CVE #(s):CVE-2016-6129
Created:September 7, 2016 Updated:November 7, 2016
Description: From the Debian LTS advisory:

It was discovered that the implementation of RSA signature verification in libtomcrypt is vulnerable to the Bleichenbacher signature attack.

If an RSA key with exponent 3 is used it may be possible to forge a PKCS#1 v1.5 signature signed by that key.

Alerts:
Mageia MGASA-2016-0369 libtomcrypt 2016-11-06
Debian-LTS DLA-612-1 libtomcrypt 2016-09-07
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds