FERRAMENTAS LINUX: Critical OpenSSL Security Update (CVE-2024-13176) – Patch Now to Prevent ECDSA Vulnerabilities

Thursday, May 15, 2025


SUSE

Critical OpenSSL security update (CVE-2024-13176) patches an ECDSA timing side-channel flaw affecting SUSE Linux Enterprise 15 SP7. Learn how to apply the fix and secure cryptographic operations against exploits.

Release Date: May 15, 2025
Severity: Moderate
Affected Products: SUSE Linux Enterprise 15 SP7, Certifications Module, SAP Applications

A newly discovered timing side-channel vulnerability in OpenSSL’s ECDSA signature computation (CVE-2024-13176) could expose sensitive cryptographic operations to attackers. This security update also corrects the validation of non-approved PBKDF parameters, ensuring compliance with enterprise security standards.

Why This Update Matters for Enterprise Security

OpenSSL remains a critical component of secure communications, encryption, and authentication across Linux systems. The CVSS scores (ranging from 4.1 to 6.0) indicate varying risks depending on the environment, but businesses must apply patches promptly to mitigate potential exploits.

Key Fixes in This Update

✔ CVE-2024-13176: Patches a timing attack vulnerability in ECDSA signatures, preventing attackers from extracting private keys.
✔ PBKDF Parameter Validation: Corrects improper approval of insecure key derivation parameters (bsc#1236771).

Affected SUSE Linux Enterprise Systems

This update applies to:

  • SUSE Linux Enterprise Server 15 SP7

  • SUSE Linux Enterprise Desktop 15 SP7

  • SUSE Linux Enterprise Real Time 15 SP7

  • SUSE Linux Enterprise Server for SAP Applications 15 SP7

  • Certifications Module 15-SP7

How to Apply the Security Patch

Recommended Methods:

  1. YaST Online Update (GUI-based)

  2. Zypper Patch Command (CLI)

Manual Installation for Certifications Module 15-SP7:

zypper in -t patch SUSE-SLE-Module-Certifications-15-SP7-2025-613=1  



Updated Packages List

Package                    Version
libopenssl1_1-debuginfo    1.1.1w-150600.5.12.2
openssl-1_1                1.1.1w-150600.5.12.2
libopenssl-1_1-devel       1.1.1w-150600.5.12.2

32-bit Systems Only:
libopenssl1_1-32bit        1.1.1w-150600.5.12.2
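
To confirm the patch actually landed, compare the installed OpenSSL 1.1 packages against the fixed version-release listed above. The script below is an added example, not part of the SUSE advisory: the function names and the sample input are constructed, and `sort -V` is used as an approximation of RPM version ordering.

```shell
#!/bin/sh
# Fixed version-release, taken from the package list in this advisory.
FIXED="1.1.1w-150600.5.12.2"

# Constructed sample in the format produced by:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'
SAMPLE='libopenssl1_1 1.1.1w-150600.5.9.1
openssl-1_1 1.1.1w-150600.5.12.2
libopenssl-1_1-devel 1.1.1w-150600.5.12.2
bash 4.4-150400.27.3.2'

# at_least INSTALLED FIXED
# Succeeds when INSTALLED sorts at or above FIXED (approximation via sort -V).
at_least() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# Reads "name version-release" lines on stdin, reports OpenSSL 1.1 packages
# older than FIXED, and returns 1 if at least one was found.
report_unpatched() {
    rc=0
    while read -r name ver; do
        case "$name" in
            libopenssl1_1*|openssl-1_1*|libopenssl-1_1-devel*) ;;
            *) continue ;;   # not one of the packages named in the advisory
        esac
        if ! at_least "$ver" "$FIXED"; then
            printf 'UNPATCHED %s %s (need >= %s)\n' "$name" "$ver" "$FIXED"
            rc=1
        fi
    done
    return $rc
}

# Demo on the constructed sample; on a real host, pipe the rpm query in instead.
printf '%s\n' "$SAMPLE" | report_unpatched || true
```

Services that loaded the old library before the update keep using it until they are restarted, so a clean report does not by itself mean running processes are on the fixed code.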

Additional References & Resources

🔗 SUSE CVE-2024-13176 Advisory
🔗 Bug Report #1236136
🔗 Bug Report #1236771

Best Practices for Linux Security Updates

  • Automate patch management to reduce exposure windows.

  • Monitor CVEs affecting cryptographic libraries.

  • Test updates in staging environments before full deployment.

Need expert guidance on Linux security? Ensure your systems are protected with enterprise-grade patch management solutions.
