Описание
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.4.18-7ubuntu1 |
| esm-infra-legacy/trusty | released | 1.4.16-1ubuntu2.3 |
| lucid | released | 1.4.10-2ubuntu1.8 |
| precise | released | 1.4.11-3ubuntu2.9 |
| trusty | released | 1.4.16-1ubuntu2.3 |
| trusty/esm | released | 1.4.16-1ubuntu2.3 |
| upstream | released | 1.4.18-7 |
| utopic | released | 1.4.16-1.2ubuntu1.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | released | 1.5.3-2ubuntu4.2 |
| lucid | released | 1.4.4-5ubuntu2.4 |
| precise | released | 1.5.0-3ubuntu0.4 |
| trusty | released | 1.5.3-2ubuntu4.2 |
| trusty/esm | released | 1.5.3-2ubuntu4.2 |
| upstream | needed | |
| utopic | released | 1.5.4-2ubuntu1.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.6.2-4ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.6.1-2ubuntu1.14.04.1]] |
| lucid | DNE | |
| precise | DNE | |
| trusty | released | 1.6.1-2ubuntu1.14.04.1 |
| trusty/esm | DNE | trusty was released [1.6.1-2ubuntu1.14.04.1] |
| upstream | released | 1.6.3-2 |
| utopic | released | 1.6.1-2ubuntu1.14.10.1 |
Показывать по
Ссылки на источники
EPSS
1.9 Low
CVSS2
4.2 Medium
CVSS3
Связанные уязвимости
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciph ...
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
EPSS
1.9 Low
CVSS2
4.2 Medium
CVSS3