Wind River Support Network

HomeDefectsLIN6-5109

Fixed

LIN6-5109 : Security Advisory - gnupg - CVE-2013-4242

Created: Sep 2, 2013 Updated: Dec 3, 2018

Resolved Date: Jul 22, 2014

Previous ID: LIN3-11009

Found In Version: 6.0.0.10

Fix Version: 6.0.0.10

Severity: Low

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4242

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38