CVE-2024-11862

Vulnerability Description

Non constant time cryptographic operation in Devolutions.XTS.NET 2024.11.19 and earlier allows an attacker to render half of the encryption key obsolete via a timing attacks

Related Weaknesses (CWE)

CWE-385

References

https://github.com/Devolutions/XTS.NET/security/advisories/GHSA-j6vm-4r7g-x4gr

FAQ

What is CVE-2024-11862?

CVE-2024-11862 is a documented vulnerability. Non constant time cryptographic operation in Devolutions.XTS.NET 2024.11.19 and earlier allows an attacker to render half of the encryption key obsolete via a timing attacks

How severe is CVE-2024-11862?

CVSS scoring is not yet available for CVE-2024-11862. Check NVD for updates.

Is there a patch for CVE-2024-11862?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.