CVE-2015-0837 in Libgcryptinfo

Summary

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

01/07/2015

Moderation

VulDB entry created

Entries

1: VDB-146507

CPE

ready

CWE

CWE-203 (Confirmed)

CVSS

4.8

EPSS

0.00677

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-0837
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-0837
CVE Details	https://www.cvedetails.com/cve/CVE-2015-0837/

◂ Previous Overview Next ▸