Lucene search
UbuntuUSN-2059-1HistoryDec 18, 2013 - 12:00 a.m.
GnuPG vulnerability
2013-12-1800:00:00
ubuntu.com
40
6 Medium
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
54.5%
Releases
- Ubuntu 13.10
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- gnupg - GNU privacy guard - a free PGP replacement
Details
Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was
susceptible to an adaptive chosen ciphertext attack via acoustic
emanations. A local attacker could use this attack to possibly recover
private keys.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 13.10 | noarch | gnupg | < 1.4.14-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | gnupg-curl | < 1.4.14-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | gnupg-udeb | < 1.4.14-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | gpgv | < 1.4.14-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | gpgv-udeb | < 1.4.14-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 13.04 | noarch | gnupg | < 1.4.12-7ubuntu1.3 | UNKNOWN |
| Ubuntu | 13.04 | noarch | gnupg-curl | < 1.4.12-7ubuntu1.3 | UNKNOWN |
| Ubuntu | 13.04 | noarch | gnupg-udeb | < 1.4.12-7ubuntu1.3 | UNKNOWN |
| Ubuntu | 13.04 | noarch | gpgv | < 1.4.12-7ubuntu1.3 | UNKNOWN |
| Ubuntu | 13.04 | noarch | gpgv-udeb | < 1.4.12-7ubuntu1.3 | UNKNOWN |
References
Related
nessus
nessus
Amazon Linux AMI : gnupg (ALAS-2014-278)
2014-02-05 00:00:00
Oracle Linux 5 : gnupg (ELSA-2014-0016)
2014-01-09 00:00:00
openvas
openvas
Ubuntu Update for gnupg USN-2059-1
2013-12-23 00:00:00
Slackware: Security Advisory (SSA:2013-354-01)
2022-04-21 00:00:00
Mageia: Security Advisory (MGASA-2013-0382)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: gnupg-1.4.17-1.fc20
2014-06-27 02:28:57
[SECURITY] Fedora 20 Update: gnupg-1.4.16-2.fc20
2013-12-23 03:48:29
[SECURITY] Fedora 20 Update: gnupg-1.4.19-2.fc20
2015-03-14 09:16:09
f5
f5
SOL16396 - GnuPG vulnerability CVE-2013-4576
2015-04-09 00:00:00
K16396 : GnuPG vulnerability CVE-2013-4576
2015-04-09 00:00:00
debian
debian
[SECURITY] [DSA 2821-1] gnupg security update
2013-12-18 15:05:39
mageia
mageia
Updated gnupg package fixes CVE-2013-4576
2013-12-20 21:29:34
prion
prion
Code injection
2013-12-20 21:55:00
Code injection
2014-10-10 01:55:00
centos
centos
gnupg security update
2014-01-08 22:53:33
slackware
slackware
[slackware-security] gnupg
2013-12-21 19:34:33
oraclelinux
oraclelinux
gnupg security update
2014-01-08 00:00:00
securityvulns
securityvulns
GnuPG acoustic attack
2013-12-23 00:00:00
[USN-2059-1] GnuPG vulnerability
2013-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2013-4576
2013-12-18 00:00:00
CVE-2014-5270
2014-08-18 00:00:00
redhat
redhat
(RHSA-2014:0016) Moderate: gnupg security update
2014-01-08 00:00:00
veracode
veracode
Side-channel Attack
2019-01-15 08:54:58
amazon
amazon
Medium: gnupg
2014-01-14 16:18:00
Medium: libgcrypt
2015-08-04 17:43:00
freebsd
freebsd
gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack
2013-12-18 00:00:00
cve
cve
CVE-2013-4576
2013-12-20 21:55:00
CVE-2014-5270
2014-10-10 01:55:00
debiancve
debiancve
CVE-2014-5270
2014-10-10 01:55:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1870
2021-07-02 17:14:28
6 Medium
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
54.5%
Related for USN-2059-1