Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 585
Alerts This Week
Warning Icon 1 585

Ubuntu 20.04 ESM: USN-4782-1 Urgent: Libgcrypt Vulnerability Exploit

ubuntu
Calendar Grey June 19, 2018
Dist Ubuntu Esm H88
A security flaw in Libgcrypt for Ubuntu allows exposure of private information via a side-channel attack, prompting immediate patching actions.
Libgcrypt could be made to expose sensitive information.

Summary

Libgcrypt could be made to expose sensitive information.

Software Description:

- libgcrypt11: LGPL Crypto library

Details:

USN-3689-1 fixed a vulnerability in Libgcrypt. This update provides

the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Keegan Ryan discovered that Libgcrypt was susceptible to a side- channel attack. A local attacker could possibly use this attack to

 recover ECDSA private keys.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libgcrypt11                     1.5.0-3ubuntu0.8

In general, a standard system update will make all the necessary
changes.

References

  https://ubuntu.com/security/notices/USN-3689-2

  https://ubuntu.com/security/notices/USN-3689-1

  CVE-2018-0495

Severity
critical
Lowest
Low
Medium
High
Critical

June 19, 2018

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.