Wind River Support Network

HomeDefectsLIN6-5109
Fixed

LIN6-5109 : Security Advisory - gnupg - CVE-2013-4242

Created: Sep 2, 2013    Updated: Dec 3, 2018
Resolved Date: Jul 22, 2014
Previous ID: LIN3-11009
Found In Version: 6.0.0.10
Fix Version: 6.0.0.10
Severity: Low
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4242

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online