Vulnerability & Exploit Database

Displaying entries 1 - 10 of 16 in total

Results for: CVE-2013-4242 Back to search

RHSA-2013:1458: gnupg security update Vulnerability

  • Severity: 6
  • Published: October 09, 2013

The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data andcreating digital signatures, compliant with the proposed OpenPGP Internetstandard and the S/MIME standard.It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reloadcache side-channel attack on the RSA secret exponent. An attacker able toexecute a process ...

ELSA-2013-1458 Moderate: Oracle Linux gnupg security update Vulnerability

  • Severity: 6
  • Published: October 09, 2013

GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.

USN-1923-1: GnuPG, Libgcrypt vulnerability Vulnerability

  • Severity: 2
  • Published: August 19, 2013

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

SUSE Linux Security Vulnerability: CVE-2013-4242 Vulnerability

  • Severity: 2
  • Published: August 19, 2013

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

Oracle Solaris 11: CVE-2013-4242: Vulnerability in libgcrypt Vulnerability

  • Severity: 2
  • Published: August 19, 2013

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

RHSA-2013:1457: libgcrypt security update Vulnerability

  • Severity: 2
  • Published: August 19, 2013

The libgcrypt library provides general-purpose implementations of variouscryptographic algorithms.It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reloadcache side-channel attack on the RSA secret exponent. An attacker able toexecute a process on the logical CPU that shared the L3 cache with theGnuPG process (such as a d...

ELSA-2013-1457 Moderate: Oracle Linux libgcrypt security update Vulnerability

  • Severity: 2
  • Published: August 19, 2013

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.