Your submission was sent successfully! Close

CVE-2015-7511

Published: 31 December 2015

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.

Priority

Medium

CVSS 3 base score: 2.0

Status

Package Release Status
libgcrypt11
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

disco Does not exist

precise
Released (1.5.0-3ubuntu0.5)
trusty
Released (1.5.3-2ubuntu4.3)
upstream Needs triage

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

libgcrypt20
Launchpad, Ubuntu, Debian
artful Not vulnerable
(1.6.5-2)
bionic Not vulnerable
(1.6.5-2)
cosmic Not vulnerable
(1.6.5-2)
disco Not vulnerable
(1.6.5-2)
precise Does not exist

trusty Does not exist
(trusty was needed)
upstream
Released (1.6.5)
wily
Released (1.6.3-2ubuntu1.1)
xenial Not vulnerable
(1.6.5-2)
yakkety Not vulnerable
(1.6.5-2)
zesty Not vulnerable
(1.6.5-2)