CVE-2023-6258

Summary

A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards (PKCS#11). If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS#1 1.5 decryption.

Affected Software

VendorProductVersion RangeStatus
n/apkcs11-provider0.2unaffected

Weaknesses

  • CWE-1300: Improper Protection of Physical Side Channels

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References