CVE-2019-12904

🗓️ 19 Jun 2019 23:34:13Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 319 Views

Libgcrypt 1.8.4, C AES implementation vulnerable to flush-and-reload side-channel attack. Physical addresses exposed to other processes

Reporter	Title	Published	Views	Family All 40
AlpineLinux	CVE-2019-12904	19 Jun 201923:34	–	alpinelinux
Cvelist	CVE-2019-12904	19 Jun 201923:34	–	cvelist
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Hyper Converged Database	21 Jan 202610:51	–	ibm
Tenable Nessus	EulerOS 2.0 SP8 : libgcrypt (EulerOS-SA-2019-2107)	12 Nov 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.5.0 : libgcrypt (EulerOS-SA-2020-1085)	13 Jan 202000:00	–	nessus
Tenable Nessus	openSUSE Security Update : libgcrypt (openSUSE-2019-1792)	24 Jul 201900:00	–	nessus
Tenable Nessus	Photon OS 3.0: Libgcrypt PHSA-2019-3.0-0036	23 Jul 202400:00	–	nessus
Tenable Nessus	Photon OS 1.0: Libgcrypt PHSA-2020-1.0-0288	15 Apr 202000:00	–	nessus
Tenable Nessus	Photon OS 2.0: Libgcrypt PHSA-2020-2.0-0227	23 Jul 202400:00	–	nessus
Tenable Nessus	RHEL 5 : libgcrypt (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus

NVD

Node

Node

Source	Link
github	www.github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
dev	www.dev.gnupg.org/T4541
github	www.github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
lists	www.lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html
lists	www.lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

21 Nov 2024 04:23Current

5.8Medium risk

Vulners AI Score5.8

CVSS 24.3

CVSS 3.15.9

EPSS0.00285