2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
Daniel Genkin, Itamar Pipman and Eran Tromer discovered that Elgamal
encryption subkeys in applications using the libgcrypt11 library, for
example GnuPG 2.x, could be leaked via a side-channel attack.
For the stable distribution (wheezy), this problem has been fixed in
version 1.5.0-5+deb7u2.
We recommend that you upgrade your libgcrypt11 packages.
CPE | Name | Operator | Version |
---|---|---|---|
libgcrypt11 | eq | 1.5.0-5 | |
libgcrypt11 | eq | 1.5.0-5+deb7u1 |