logo
DATABASE RESOURCES PRICING ABOUT US

GLSA-201706-21 : nettle: Information disclosure

Description

The remote host is affected by the vulnerability described in GLSA-201706-21 (nettle: Information disclosure) It was found that nettle’s RSA and DSA decryption code was vulnerable to cache-related side channel attacks. See the referenced technical paper “Cache Attacks Enable Bulk Key Recovery on the Cloud” below for details. Impact : An attacker could recover the private key from a co-located virtual-machine instance. Workaround : There is no known workaround at this time.


Related