1009 matches found
[ASA-201709-13] libgcrypt: private key recovery
Arch Linux Security Advisory ASA-201709-13 ========================================== Severity: Medium Date : 2017-09-18 CVE-ID : CVE-2017-0379 Package : libgcrypt Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-402 Summary ======= The package libgcrypt before...
[ASA-201709-14] lib32-libgcrypt: private key recovery
Arch Linux Security Advisory ASA-201709-14 ========================================== Severity: Medium Date : 2017-09-18 CVE-ID : CVE-2017-0379 Package : lib32-libgcrypt Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-403 Summary ======= The package lib32-libgcry...
USN-3417-1: Libgcrypt vulnerability
Daniel Genkin, Luke Valenta, and Yuval Yarom discovered that Libgcrypt was susceptible to an attack via side channels. A local attacker could use this attack to recover Curve25519 private keys...
Updated libgcrypt packages fix security vulnerability
It was discovered that libgcrypt is prone to a local side-channel attack against the ECDH encryption with Curve25519, allowing recovery of the private key...
MGASA-2017-0334 Updated libgcrypt packages fix security vulnerability
It was discovered that libgcrypt is prone to a local side-channel attack against the ECDH encryption with Curve25519, allowing recovery of the private key...
FreeBSD : libgcrypt -- side-channel attack vulnerability (22f28bb3-8d98-11e7-8c37-e8e0b747a45a)
GnuPG reports : Mitigate a local side-channel attack on Curve25519 dubbed 'May the Fourth Be With You'. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2019 Jacques Vidrine...
Libgcrypt Information Disclosure Vulnerability (CNVD-2017-30593)
libgcrypt is a cryptographic library based on the GnuPG code. A security vulnerability exists in libgcrypt that allows remote attackers to exploit the vulnerability to submit special requests to obtain sensitive information...
Design/Logic Flaw
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
DEBIAN-CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
ALPINE-CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
CVE-2017-0379
CVE-2017-0379 affects libgcrypt before 1.8.1, where Curve25519 side-channel attacks could allow a local attacker to recover a secret key. Public advisories indicate the flaw in cipher/ecc.c and mpi/ec.c can enable private-key recovery on multi-user systems or VMs. Remediation is to upgrade to lib...
CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
CVE-2017-0379
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...
USN-3347-1: Libgcrypt vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that Libgcrypt was susceptible to an attack...
MGASA-2017-0213 Updated libgcrypt packages fix security vulnerability
Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that Libgcrypt was susceptible to an attack via side channels. A local attacker could use this attack to recover RSA private keys...