Описание
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | not-affected | 1.5.3-2ubuntu4.4 |
| precise/esm | not-affected | |
| trusty | not-affected | 1.5.3-2ubuntu4.4 |
| trusty/esm | not-affected | 1.5.3-2ubuntu4.4 |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.7.6-2 |
| bionic | not-affected | 1.7.6-2 |
| cosmic | not-affected | 1.7.6-2 |
| devel | not-affected | 1.7.6-2 |
| disco | not-affected | 1.7.6-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/bionic | not-affected | 1.7.6-2 |
| esm-infra/xenial | released | 1.6.5-2ubuntu0.3 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
EPSS
4.3 Medium
CVSS2
5.9 Medium
CVSS3
Связанные уязвимости
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library.
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library.
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session ke ...
EPSS
4.3 Medium
CVSS2
5.9 Medium
CVSS3