CVE-2023-5992 - OpenSC’s Risky PKCS#1 Padding Leak—How One Side-Channel Bug Puts Private Data at Risk
In late 2023, a critical vulnerability was found in OpenSC—software widely used for working with smart cards. The bug, CVE-2023-5992, centers on PKCS#1
CVE-2024-0914 - Timing Side-Channel in opencryptoki Exposes RSA Private Key Operations
In early 2024, security researchers uncovered a critical timing side-channel vulnerability in the opencryptoki package: CVE-2024-0914. This flaw lets attackers infer sensitive RSA operations—decryption
CVE-2023-40550 - Out-of-Bounds Read in Shim Exposes Sensitive Data at Boot
*Published: June 2024*
A recently disclosed vulnerability, CVE-2023-40550, affects the Shim bootloader—a critical piece of software that plays an essential role in Secure Boot
CVE-2023-40546 - Crashing Secure Boot with Shim’s Logging Bug
The world of computer security sees hundreds of new vulnerabilities every month. Some are minor, but others have the potential to cripple core security functions
CVE-2023-40549 - Out-of-Bounds Read in Shim — How Crafted PE Binaries Can Crash Your Boot
If you’ve been following Linux security updates, you may have heard about CVE-2023-40549, a recent vulnerability discovered in the widely used Shim bootloader. In