Wind River Support Network

HomeDefectsLIN5-15333
Fixed

LIN5-15333 : Security Advisory - gnupg - CVE-2013-4242

Created: Sep 2, 2013    Updated: Dec 19, 2017
Resolved Date: Jul 22, 2014
Previous ID: LIN3-11015
Found In Version: 5.0.1.17
Fix Version: 5.0.1.17
Severity: Low
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4242

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online