CVE-2017-7526 in Libgcrypt情報

要約

〜によって MITRE

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

責任者

Red Hat, Inc.

予約する

2017年04月05日

公開

2018年07月26日

モデレーション

承諾済み

エントリ

VDB-104628

CPE

準備完了

CWE

CWE-310 (確認済み)

CVSS

6.8 (NVD)

EPSS

0.02765

KEV

いいえ

アクティビティ

非常低い

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7526
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7526
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7526/

◂ 前概要次 ▸

Interested in the pricing of exploits?

See the underground prices here!