CVE-2019-12904

In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an assembly-language implementation is unavailable. NOTE: the vendor's position is...

PT-2019-13013 · Gnu +2 · Libgcrypt +2

Name of the Vulnerable Software and Affected Versions: Libgcrypt version 1.8.4 Description: The C implementation of AES in Libgcrypt is susceptible to a flush-and-reload side-channel attack. This occurs because physical addresses are accessible to other processes, and the C implementation is used...