Wind River Support Network

HomeDefectsLIN7-1434
Fixed

LIN7-1434 : Security Advisory - gnupg - CVE-2013-4242

Created: Nov 3, 2014    Updated: Mar 31, 2016
Resolved Date: Nov 3, 2014
Found In Version: 7.0
Fix Version: 7.0
Severity: Low
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4242

Workaround

Unknown

Steps to Reproduce

Unknown
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube