In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-12904 User=admin}