CVE-2019-12904

Published: 20 June 2019

** DISPUTED ** In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor's position is that the issue report cannot be validated because there is no description of an attack.
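The description above names the mechanism only in passing. The point it relies on is that the portable C AES code indexes lookup tables with key-dependent values, and a Flush+Reload attacker who shares the physical pages holding those tables (for example through a shared mapping of the library) can tell which cache line of the table the victim touched. Because a 64-byte line holds sixteen 32-bit table entries, the line index reveals the high four bits of the table index, and in the first round that index is plaintext byte XOR key byte. The following is an added, deterministic model of that leak and of the standard mitigation (touching every line of the table before use); it is not libgcrypt's code, it does not reproduce the linked upstream commits, it measures no real timing, and every constant, function name and plaintext value in it is an assumption chosen for illustration.

```c
/* Added example, not libgcrypt code: a deterministic model of why a
 * table-driven AES round leaks to a Flush+Reload attacker and why
 * prefetching the whole table blunts it. No real timing is measured;
 * an "observation" is the set of cache lines an attacker's reload probe
 * would report as hot. All constants and names are assumptions. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define LINE_BYTES        64
#define T_ENTRY_BYTES     4                              /* 32-bit T-table entries */
#define ENTRIES_PER_LINE  (LINE_BYTES / T_ENTRY_BYTES)   /* 16 entries per line */
#define T_LINES           (256 / ENTRIES_PER_LINE)       /* 16 lines per 256-entry table */
#define LINE_SHIFT        4                              /* log2(ENTRIES_PER_LINE) */

/* Victim, first round: T[p ^ k] touches exactly one cache line.
 * Returns a T_LINES-bit mask with that line set. */
uint32_t victim_lines_unprotected(uint8_t p, uint8_t k) {
    return 1u << ((p ^ k) >> LINE_SHIFT);
}

/* Victim that prefetches the whole table before the lookup: every line is
 * hot, so the set of hot lines no longer depends on p ^ k. */
uint32_t victim_lines_prefetched(uint8_t p, uint8_t k) {
    uint32_t all = (1u << T_LINES) - 1;
    return all | victim_lines_unprotected(p, k);
}

/* Attacker's probe: the victim's hot lines plus a few spurious hits
 * (hardware prefetcher, unrelated code), from a fixed-seed generator so
 * the run is reproducible. */
static uint32_t noise_state = 0x2545F491u;
static uint32_t next_noise(void) {
    noise_state = noise_state * 1103515245u + 12345u;
    return noise_state >> 16;
}
uint32_t probe(uint32_t victim_lines, int spurious) {
    uint32_t seen = victim_lines;
    for (int i = 0; i < spurious; i++)
        seen |= 1u << (next_noise() % T_LINES);
    return seen;
}

/* Attacker recovery: for each candidate high nibble of k, count the
 * observations in which the predicted line ((p >> 4) ^ cand) was hot.
 * Only the true nibble is consistent with every observation. Returns the
 * nibble, or -1 if no single candidate is uniquely best (no leak). */
int recover_key_hi(const uint8_t *pts, const uint32_t *obs, size_t n) {
    int best = -1, best_count = -1, ties = 0;
    for (int cand = 0; cand < 16; cand++) {
        int count = 0;
        for (size_t i = 0; i < n; i++) {
            int line = (pts[i] ^ (cand << 4)) >> LINE_SHIFT;
            if (obs[i] & (1u << line)) count++;
        }
        if (count > best_count) { best = cand; best_count = count; ties = 0; }
        else if (count == best_count) ties++;
    }
    return ties ? -1 : best;
}

/* Run the attack on one key byte with n constructed plaintexts and
 * `spurious` false hits per probe; returns the recovered high nibble. */
int attack_key_byte(uint8_t k, size_t n, int spurious, int prefetched) {
    uint8_t pts[64];
    uint32_t obs[64];
    if (n > 64) n = 64;
    noise_state = 0x2545F491u;                 /* reset for reproducibility */
    for (size_t i = 0; i < n; i++) {
        pts[i] = (uint8_t)(i * 37 + 11);       /* constructed plaintext bytes */
        uint32_t v = prefetched ? victim_lines_prefetched(pts[i], k)
                                : victim_lines_unprotected(pts[i], k);
        obs[i] = probe(v, spurious);
    }
    return recover_key_hi(pts, obs, n);
}

int main(void) {
    uint8_t k = 0xA7;                          /* constructed key byte */
    printf("unprotected: recovered high nibble 0x%x (true 0x%x)\n",
           attack_key_byte(k, 32, 3, 0), k >> 4);
    printf("prefetched : recovered high nibble %d (no unique candidate)\n",
           attack_key_byte(k, 32, 3, 1));
    return 0;
}
```

Build with any C11 compiler (e.g. `cc -std=c11 -Wall model.c`, file name assumed). Two caveats a practitioner would attach to this model: Flush+Reload needs the attacker to share the physical pages holding the table, which is the condition the description is gesturing at with "physical addresses are available to other processes", and prefetching only narrows the window rather than making the code constant-time, since a line evicted between the prefetch and the lookup leaks exactly as before.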

Priority

Low

CVSS 3 base score: 5.9

Status

Package: libgcrypt11 (Launchpad, Ubuntu, Debian)
  Upstream                          Needs triage
  Ubuntu 21.04 (Hirsute Hippo)      Does not exist
  Ubuntu 20.10 (Groovy Gorilla)     Does not exist
  Ubuntu 20.04 LTS (Focal Fossa)    Does not exist
  Ubuntu 18.04 LTS (Bionic Beaver)  Does not exist
  Ubuntu 16.04 ESM (Xenial Xerus)   Does not exist
  Ubuntu 14.04 ESM (Trusty Tahr)    Not vulnerable (code not present)

Package: libgcrypt20 (Launchpad, Ubuntu, Debian)
  Upstream                          Needs triage
  Ubuntu 21.04 (Hirsute Hippo)      Deferred (2020-01-06)
  Ubuntu 20.10 (Groovy Gorilla)     Deferred (2020-01-06)
  Ubuntu 20.04 LTS (Focal Fossa)    Deferred (2020-01-06)
  Ubuntu 18.04 LTS (Bionic Beaver)  Deferred (2020-01-06)
  Ubuntu 16.04 ESM (Xenial Xerus)   Not vulnerable (code not present)
  Ubuntu 14.04 ESM (Trusty Tahr)    Does not exist

Patches:
Upstream: https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
Upstream: https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762

Notes

Author: mdeslaur
Note: as of 2020-01-06, upstream developers haven't determined if this
is an actual issue or not yet, see:
https://lists.gnupg.org/pipermail/gcrypt-devel/2019-July/004760.html
