12 matches found
SUSE: Security Advisory (SUSE-SU-2016:1089-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : libgcrypt (2016-83cd045bcc)
New upstream release fixing CVE-2015-7511 low impact security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
openSUSE Security Update : libgcrypt (openSUSE-2016-559)
libgcrypt was updated to fix one security issue. This security issue was fixed : - CVE-2015-7511: Side-channel attack on ECDH with Weierstrass curves bsc965902. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...
CVE-2015-7511
CVE-2015-7511 affects Libgcrypt up to version 1.6.4 (pre-1.6.5). The issue is an improper elliptic‑point curve multiplication during decryption that enables physical side‑channel leakage of ECDH private keys via electromagnetic emanations. Remediation is upgrading Libgcrypt to fixed releases (e.g...
SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2016:1089-1)
libgcrypt was updated to fix one security issue. This security issue was fixed : - CVE-2015-7511: Side-channel attack on ECDH with Weierstrass curves bsc965902. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
Mageia: Security Advisory (MGASA-2016-0072)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libgcrypt packages fix security vulnerabilities
Updated libgcrypt packages fix security vulnerability: Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt20 library could be leaked via a side-channel attack CVE-2015-7511. The libgcrypt package was also...
[SECURITY] [DSA 3478-1] libgcrypt11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3478-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 15, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3478-1 (libgcrypt11 - security update)
Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt11 library could be leaked via a side-channel attack. See https://www.cs.tau.ac.IL/tromer/ecdh/ for details. OpenVAS Vulnerability Test $Id: deb3478.nasl...
[SECURITY] [DSA 3474-1] libgcrypt20 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3474-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 12, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3474-1] libgcrypt20 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3474-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 12, 2016 https://www.debian.org/security/faq -...
CVE-2015-7511
Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations...