CVE-2017-7526

Published: 29 June 2017

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.

Priority

CVSS 3 base score: 6.8

Status

Package	Release	Status
gnupg Launchpad, Ubuntu, Debian	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	precise	Released (1.4.11-3ubuntu2.12)
	trusty	Released (1.4.16-1ubuntu2.6)
	upstream	Needs triage
	xenial	Released (1.4.20-1ubuntu3.3)
gnupg1 Launchpad, Ubuntu, Debian	bionic	Not vulnerable
	cosmic	Not vulnerable
	disco	Not vulnerable
	precise	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
libgcrypt11 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	precise	Released (1.5.0-3ubuntu0.7)
	trusty	Released (1.5.3-2ubuntu4.5)
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
libgcrypt20 Launchpad, Ubuntu, Debian	artful	Not vulnerable (1.7.8-1)
	bionic	Not vulnerable (1.7.8-1)
	cosmic	Not vulnerable (1.7.8-1)
	disco	Not vulnerable (1.7.8-1)
	precise	Does not exist
	trusty	Does not exist (trusty was needed)
	upstream	Released (1.7.8-1)
	xenial	Released (1.6.5-2ubuntu0.3)
	yakkety	Released (1.7.2-2ubuntu1.1)
	zesty	Released (1.7.6-1ubuntu0.1)

References

Bugs

https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1785176

CVE-2017-7526

Medium

Status

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading