Libgcrypt prior to 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for malicious users to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnupg libgcrypt |
||
debian debian linux 9.0 |