CVE - CVE-2013-4242

CVE-ID
CVE-2013-4242	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[gnupg-announce] 20130725 [Announce] [security fix] GnuPG 1.4.14 released URL:http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717880 MISC:http://eprint.iacr.org/2013/448 CONFIRM:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 DEBIAN:DSA-2730 URL:http://www.debian.org/security/2013/dsa-2730 DEBIAN:DSA-2731 URL:http://www.debian.org/security/2013/dsa-2731 REDHAT:RHSA-2013:1457 URL:http://rhn.redhat.com/errata/RHSA-2013-1457.html SUSE:openSUSE-SU-2013:1294 URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00003.html UBUNTU:USN-1923-1 URL:http://www.ubuntu.com/usn/USN-1923-1 CERT-VN:VU#976534 URL:http://www.kb.cert.org/vuls/id/976534 BID:61464 URL:http://www.securityfocus.com/bid/61464 SECUNIA:54318 URL:http://secunia.com/advisories/54318 SECUNIA:54321 URL:http://secunia.com/advisories/54321 SECUNIA:54332 URL:http://secunia.com/advisories/54332 SECUNIA:54375 URL:http://secunia.com/advisories/54375
Assigning CNA
N/A
Date Entry Created
20130612	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20130612)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Common Vulnerabilities and Exposures

CVE-2013-4242