CVE-2017-0379

Summary

Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.

Affected Software

VendorProductVersion RangeStatus
n/alibgcryptlibgcryptaffected

Weaknesses

  • local side-channel attack

ADP Enrichment

CVE Program Container

Additional References

References