BSA-2017-457
21624
24 December 2018
17 November 2017
Closed
Low
1.9
N/A
CVE-2013-4242
Summary
Security Advisory ID : BSA-2017-457
Component : GnuPG & Libgcrypt
Revision : 2.0: Final
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
Affected Products
No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | November 17, 2017 |
2.0 | Updated for Fibre Channel Only | December 24, 2018 |