CVE List


Moderate 5.9

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."

Published November 30, 2019.

Affected software

Debian Debian Linux

Gnupg Libgcrypt

Gnupg Gnupg

Reference links

Sign Up for Alerts