CVE-2017-7526

MEDIUM

libgcrypt <1.7.8 - Cache Side Channel

Title source: llm

Description

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting in a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side channel requires that the attacker can run arbitrary software on the hardware where the private RSA key is used.

References (12)

Core References
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3733-1/
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7526
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038915
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2017/dsa-3960
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2017/dsa-3901
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3733-2/
Third Party Advisory x_refsource_misc
https://eprint.iacr.org/2017/627
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99338
Mailing List, Vendor Advisory mailing-list x_refsource_mlist
https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html

Scores

CVSS v3 6.1
EPSS 0.0389
EPSS Percentile 88.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-200 CWE-310
Status published
Products (6)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
debian/debian_linux 8.0
debian/debian_linux 9.0
gnupg/libgcrypt < 1.7.8
Published Jul 26, 2018
Tracked Since Feb 18, 2026