CVE-2015-0837

NameCVE-2015-0837
DescriptionThe mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-175-1, DLA-190-1, DSA-3184-1, DSA-3185-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libgcrypt20 (PTS)bullseye1.8.7-6fixed
bookworm1.10.1-3fixed
trixie1.11.0-7fixed
forky, sid1.11.2-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gnupgsourcesqueeze1.4.10-4+squeeze7DLA-175-1
gnupgsourcewheezy1.4.12-7+deb7u7DSA-3184-1
gnupgsource(unstable)1.4.18-7
libgcrypt11sourcesqueeze1.4.5-2+squeeze3DLA-190-1
libgcrypt11sourcewheezy1.5.0-5+deb7u3DSA-3185-1
libgcrypt11source(unstable)(unfixed)
libgcrypt20source(unstable)1.6.3-2

Notes

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=6cbc75e71295f23431c4ab95edc7573f2fc28476
Search for package or bug name: Reporting problems