The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libgcrypt11-dbg": "1.5.3-2ubuntu4.2", "libgcrypt11-udeb": "1.5.3-2ubuntu4.2", "libgcrypt11-doc": "1.5.3-2ubuntu4.2", "libgcrypt11": "1.5.3-2ubuntu4.2", "libgcrypt11-dev": "1.5.3-2ubuntu4.2" } ] }