Lucene search
Ubuntu.comUB:CVE-2014-5270HistoryAug 18, 2014 - 12:00 a.m.
CVE-2014-5270
2014-08-1800:00:00
ubuntu.com
ubuntu.com
4
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
39.7%
Libgcrypt before 1.5.4, as used in GnuPG and other products, does not
properly perform ciphertext normalization and ciphertext randomization,
which makes it easier for physically proximate attackers to conduct
key-extraction attacks by leveraging the ability to collect voltage data
from exposed metal, a different vector than CVE-2013-4576.
References
Related
cve
cve
CVE-2014-5270
2014-10-10 01:55:00
CVE-2013-4576
2013-12-20 21:55:00
prion
prion
Code injection
2014-10-10 01:55:00
Code injection
2013-12-20 21:55:00
debiancve
debiancve
CVE-2014-5270
2014-10-10 01:55:00
openvas
openvas
Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-1750)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-2006)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2020-1189)
2020-03-13 00:00:00
nessus
nessus
EulerOS 2.0 SP3 : libgcrypt (EulerOS-SA-2019-2006)
2019-09-24 00:00:00
EulerOS 2.0 SP2 : libgcrypt (EulerOS-SA-2019-1750)
2019-07-22 00:00:00
EulerOS Virtualization for ARM 64 3.0.2.0 : libgcrypt (EulerOS-SA-2020-1189)
2020-03-13 00:00:00
amazon
amazon
Medium: libgcrypt
2015-08-04 17:43:00
Medium: gnupg
2014-01-14 16:18:00
osv
osv
gnupg - security update
2014-09-11 00:00:00
libgcrypt11 - security update
2014-11-25 00:00:00
libgcrypt11 - security update
2014-11-16 00:00:00
debian
debian
[SECURITY] [DLA 53-1] gnupg security update
2014-09-14 07:23:55
[SECURITY] [DSA 3073-1] libgcrypt11 security update
2014-11-16 13:18:08
[SECURITY] [DLA 93-1] libgcrypt11 security update
2014-11-25 09:25:48
ubuntu
ubuntu
Libgcrypt vulnerability
2014-09-03 00:00:00
GnuPG vulnerability
2014-09-03 00:00:00
GnuPG vulnerability
2013-12-18 00:00:00
securityvulns
securityvulns
[USN-2339-1] GnuPG vulnerability
2014-09-15 00:00:00
GnuPG / libcrypt information leakage
2014-09-15 00:00:00
GnuPG acoustic attack
2013-12-23 00:00:00
gentoo
gentoo
Libgcrypt: Side-channel attack
2014-08-29 00:00:00
mageia
mageia
Updated libgcrypt packages fix CVE-2014-5270
2014-09-05 13:07:37
Updated gnupg packages fix CVE-2014-5270
2014-09-22 12:31:24
Updated gnupg package fixes CVE-2013-4576
2013-12-20 21:29:34
oraclelinux
oraclelinux
gnupg security update
2014-01-08 00:00:00
slackware
slackware
[slackware-security] gnupg
2013-12-21 19:34:33
centos
centos
gnupg security update
2014-01-08 22:53:33
fedora
fedora
[SECURITY] Fedora 20 Update: gnupg-1.4.17-1.fc20
2014-06-27 02:28:57
[SECURITY] Fedora 20 Update: gnupg-1.4.16-2.fc20
2013-12-23 03:48:29
[SECURITY] Fedora 20 Update: gnupg-1.4.19-2.fc20
2015-03-14 09:16:09
f5
f5
SOL16396 - GnuPG vulnerability CVE-2013-4576
2015-04-09 00:00:00
K16396 : GnuPG vulnerability CVE-2013-4576
2015-04-09 00:00:00
ubuntucve
ubuntucve
CVE-2013-4576
2013-12-18 00:00:00
redhat
redhat
(RHSA-2014:0016) Moderate: gnupg security update
2014-01-08 00:00:00
veracode
veracode
Side-channel Attack
2019-01-15 08:54:58
freebsd
freebsd
gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack
2013-12-18 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1870
2021-07-02 17:14:28
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
39.7%
Related for UB:CVE-2014-5270