CVE-2017-0379CVE-2017-0379

Affected configuration(s):

cpe:/a:gnupg:libgcrypt:1.8.0
cpe:/o:debian:debian_linux:9.0

Date published: 2017-08-29T18:29:00.173-04:00

Date last modified: 2017-09-05T22:12:42.123-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.securityfocus.com/bid/100503

Summary: Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.