GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
AV:L/AC:M/Au:N/C:P/I:N/A:N
19/08/2013
by Gnupg
a year ago
by Gnupg
3 years ago
by Debian
a month ago
by Canonical
3 months ago
by Opensuse
3 years ago
by Novell
7 years ago