The mpi_powm function in Libgcrypt prior to 1.6.3 and GnuPG prior to 1.4.19 allows malicious users to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnupg gnupg |
||
gnupg libgcrypt |
||
debian debian linux 7.0 |
||
debian debian linux 8.0 |