First published: Tue Apr 19 2016(Updated: )
Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
GnuPG Libgcrypt | <=1.6.4 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =8.0 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.