The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG...
Moderate severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Nov 29, 2019
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Apr 4, 2024
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."
References