MGASA-2023-0253

Advisory lineage Upstream: 3 Downstream: 0
Published: 11 Sept 2023, 13:07
Last modified:16 Apr 2026, 04:23

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

11 Sept 2023, 13:07
Published
Vulnerability first disclosed
16 Apr 2026, 04:23
Last Modified
Vulnerability information updated

Description

Updated openssl packages fix security vulnerability AES-SIV implementation ignores empty associated data entries. (CVE-2023-2975) Excessive time spent checking DH keys and parameters. (CVE-2023-3446) Excessive time spent checking DH q parameter value. (CVE-2023-3817)

Affected Systems

  • mageiaopenssl

    < 1.1.1v-1.mga8

  • mageiaopenssl

    < 3.0.10-1.mga9

References (5)