CVE-2017-7526 in Libgcryptinformación

Resumen

por MITRE

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Red Hat, Inc.

Reservar

2017-04-05

Divulgación

2018-07-26

Moderación

aceptado

Artículo

VDB-104628

CPE

listo

CWE

CWE-310 (confirmado)

CVSS

6.8 (NVD)

EPSS

0.02765

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7526
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7526
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7526/

◂ Anterior Visión De Conjunto Próximo ▸

Want to know what is going to be exploited?

We predict KEV entries!