CVE-2017-7526 in Libgcryptinformation

Résumé

par MITRE

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Red Hat, Inc.

Réserver

05/04/2017

Divulgation

26/07/2018

Modérer

accepté

Entrée

VDB-104628

CPE

prêt

CWE

CWE-310 (confirmé)

CVSS

6.8 (NVD)

EPSS

0.02765

KEV

non

Activités

très faible

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7526
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7526
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7526/

◂ Précédent Aperçu Suivant ▸

Might our Artificial Intelligence support you?

Check our Alexa App!