What is the severity of CVE-2013-4576?

CVE-2013-4576 has a medium severity rating due to the possibility of RSA key extraction via a chosen-ciphertext attack.

How do I fix CVE-2013-4576?

To fix CVE-2013-4576, update GnuPG to version 1.4.16 or later.

Who is affected by CVE-2013-4576?

CVE-2013-4576 affects all versions of GnuPG 1.x prior to 1.4.16.

What type of attack is associated with CVE-2013-4576?

CVE-2013-4576 is associated with a chosen-ciphertext attack allowing key extraction.

What are the implications of CVE-2013-4576 for users of GnuPG?

Users of GnuPG could have their RSA keys compromised if they are vulnerable to physical attacks in proximity to the device during decryption.

Vulnerability/
CVE-2013-4576

low

2.1

CWE

255

20/12/2013

6/8/2024

CVE-2013-4576

First published: Fri Dec 20 2013(Updated: )

GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not typically expected to protect themselves from acoustic side-channel attacks, since this is arguably the responsibility of the physical device. Accordingly, issues of this type would not normally receive a CVE identifier. However, for this issue, the developer has specified a security policy in which GnuPG should offer side-channel resistance, and developer-specified security-policy violations are within the scope of CVE.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
GnuPG 2 (Gnu Privacy Guard)	<=1.4.15
GnuPG 2 (Gnu Privacy Guard)	=1.0.0
GnuPG 2 (Gnu Privacy Guard)	=1.0.1
GnuPG 2 (Gnu Privacy Guard)	=1.0.2
GnuPG 2 (Gnu Privacy Guard)	=1.0.3
GnuPG 2 (Gnu Privacy Guard)	=1.0.4
GnuPG 2 (Gnu Privacy Guard)	=1.0.4
GnuPG 2 (Gnu Privacy Guard)	=1.0.5
GnuPG 2 (Gnu Privacy Guard)	=1.0.5
GnuPG 2 (Gnu Privacy Guard)	=1.0.6
GnuPG 2 (Gnu Privacy Guard)	=1.0.7
GnuPG 2 (Gnu Privacy Guard)	=1.2.0
GnuPG 2 (Gnu Privacy Guard)	=1.2.1
GnuPG 2 (Gnu Privacy Guard)	=1.2.1-windows
GnuPG 2 (Gnu Privacy Guard)	=1.2.2
GnuPG 2 (Gnu Privacy Guard)	=1.2.3
GnuPG 2 (Gnu Privacy Guard)	=1.2.4
GnuPG 2 (Gnu Privacy Guard)	=1.2.5
GnuPG 2 (Gnu Privacy Guard)	=1.2.6
GnuPG 2 (Gnu Privacy Guard)	=1.2.7
GnuPG 2 (Gnu Privacy Guard)	=1.3.0
GnuPG 2 (Gnu Privacy Guard)	=1.3.1
GnuPG 2 (Gnu Privacy Guard)	=1.3.2
GnuPG 2 (Gnu Privacy Guard)	=1.3.3
GnuPG 2 (Gnu Privacy Guard)	=1.3.4
GnuPG 2 (Gnu Privacy Guard)	=1.3.6
GnuPG 2 (Gnu Privacy Guard)	=1.3.90
GnuPG 2 (Gnu Privacy Guard)	=1.3.91
GnuPG 2 (Gnu Privacy Guard)	=1.3.92
GnuPG 2 (Gnu Privacy Guard)	=1.3.93
GnuPG 2 (Gnu Privacy Guard)	=1.4
GnuPG 2 (Gnu Privacy Guard)	=1.4.0
GnuPG 2 (Gnu Privacy Guard)	=1.4.2
GnuPG 2 (Gnu Privacy Guard)	=1.4.3
GnuPG 2 (Gnu Privacy Guard)	=1.4.4
GnuPG 2 (Gnu Privacy Guard)	=1.4.5
GnuPG 2 (Gnu Privacy Guard)	=1.4.6
GnuPG 2 (Gnu Privacy Guard)	=1.4.8
GnuPG 2 (Gnu Privacy Guard)	=1.4.10
GnuPG 2 (Gnu Privacy Guard)	=1.4.11
GnuPG 2 (Gnu Privacy Guard)	=1.4.12
GnuPG 2 (Gnu Privacy Guard)	=1.4.13
GnuPG 2 (Gnu Privacy Guard)	=1.4.14

Remedy

http://lists.gnupg.org/pipermail/gnupg-devel/2013-December/028102.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4576?
CVE-2013-4576 has a medium severity rating due to the possibility of RSA key extraction via a chosen-ciphertext attack.
How do I fix CVE-2013-4576?
To fix CVE-2013-4576, update GnuPG to version 1.4.16 or later.
Who is affected by CVE-2013-4576?
CVE-2013-4576 affects all versions of GnuPG 1.x prior to 1.4.16.
What type of attack is associated with CVE-2013-4576?
CVE-2013-4576 is associated with a chosen-ciphertext attack allowing key extraction.
What are the implications of CVE-2013-4576 for users of GnuPG?
Users of GnuPG could have their RSA keys compromised if they are vulnerable to physical attacks in proximity to the device during decryption.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/weakness
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/gnupg
canonical/gnupg 2 (gnu privacy guard)
version/gnupg 2 (gnu privacy guard)/1.4.15
version/gnupg 2 (gnu privacy guard)/1.0.0
version/gnupg 2 (gnu privacy guard)/1.0.1
version/gnupg 2 (gnu privacy guard)/1.0.2
version/gnupg 2 (gnu privacy guard)/1.0.3
version/gnupg 2 (gnu privacy guard)/1.0.4
version/gnupg 2 (gnu privacy guard)/1.0.5
version/gnupg 2 (gnu privacy guard)/1.0.6
version/gnupg 2 (gnu privacy guard)/1.0.7
version/gnupg 2 (gnu privacy guard)/1.2.0
version/gnupg 2 (gnu privacy guard)/1.2.1
version/gnupg 2 (gnu privacy guard)/1.2.1-windows
version/gnupg 2 (gnu privacy guard)/1.2.2
version/gnupg 2 (gnu privacy guard)/1.2.3
version/gnupg 2 (gnu privacy guard)/1.2.4
version/gnupg 2 (gnu privacy guard)/1.2.5
version/gnupg 2 (gnu privacy guard)/1.2.6
version/gnupg 2 (gnu privacy guard)/1.2.7
version/gnupg 2 (gnu privacy guard)/1.3.0
version/gnupg 2 (gnu privacy guard)/1.3.1
version/gnupg 2 (gnu privacy guard)/1.3.2
version/gnupg 2 (gnu privacy guard)/1.3.3
version/gnupg 2 (gnu privacy guard)/1.3.4
version/gnupg 2 (gnu privacy guard)/1.3.6
version/gnupg 2 (gnu privacy guard)/1.3.90
version/gnupg 2 (gnu privacy guard)/1.3.91
version/gnupg 2 (gnu privacy guard)/1.3.92
version/gnupg 2 (gnu privacy guard)/1.3.93
version/gnupg 2 (gnu privacy guard)/1.4
version/gnupg 2 (gnu privacy guard)/1.4.0
version/gnupg 2 (gnu privacy guard)/1.4.2
version/gnupg 2 (gnu privacy guard)/1.4.3
version/gnupg 2 (gnu privacy guard)/1.4.4
version/gnupg 2 (gnu privacy guard)/1.4.5
version/gnupg 2 (gnu privacy guard)/1.4.6
version/gnupg 2 (gnu privacy guard)/1.4.8
version/gnupg 2 (gnu privacy guard)/1.4.10
version/gnupg 2 (gnu privacy guard)/1.4.11
version/gnupg 2 (gnu privacy guard)/1.4.12
version/gnupg 2 (gnu privacy guard)/1.4.13
version/gnupg 2 (gnu privacy guard)/1.4.14