Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2013-4576 CVE-2014-3591 CVE-2014-5270 CVE-2015-0837 |
CWE-ID | CWE-255 CWE-200 CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Amazon Linux AMI Operating systems & Components / Operating system |
Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU42223
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-4576
CWE-ID:
CWE-255 - Credentials Management
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not typically expected to protect themselves from acoustic side-channel attacks, since this is arguably the responsibility of the physical device. Accordingly, issues of this type would not normally receive a CVE identifier. However, for this issue, the developer has specified a security policy in which GnuPG should offer side-channel resistance, and developer-specified security-policy violations are within the scope of CVE.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
libgcrypt-debuginfo-1.5.3-12.18.amzn1.i686
libgcrypt-devel-1.5.3-12.18.amzn1.i686
libgcrypt-1.5.3-12.18.amzn1.i686
src:
libgcrypt-1.5.3-12.18.amzn1.src
x86_64:
libgcrypt-devel-1.5.3-12.18.amzn1.x86_64
libgcrypt-debuginfo-1.5.3-12.18.amzn1.x86_64
libgcrypt-1.5.3-12.18.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2015-577.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU30571
Risk: Low
CVSSv3.1: 3.7 [CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-3591
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to gain access to sensitive information.
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
libgcrypt-debuginfo-1.5.3-12.18.amzn1.i686
libgcrypt-devel-1.5.3-12.18.amzn1.i686
libgcrypt-1.5.3-12.18.amzn1.i686
src:
libgcrypt-1.5.3-12.18.amzn1.src
x86_64:
libgcrypt-devel-1.5.3-12.18.amzn1.x86_64
libgcrypt-debuginfo-1.5.3-12.18.amzn1.x86_64
libgcrypt-1.5.3-12.18.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2015-577.html
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU32505
Risk: Low
CVSSv3.1: 3.5 [CVSS:3.1/CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-5270
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to gain access to sensitive information.
Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
libgcrypt-debuginfo-1.5.3-12.18.amzn1.i686
libgcrypt-devel-1.5.3-12.18.amzn1.i686
libgcrypt-1.5.3-12.18.amzn1.i686
src:
libgcrypt-1.5.3-12.18.amzn1.src
x86_64:
libgcrypt-devel-1.5.3-12.18.amzn1.x86_64
libgcrypt-debuginfo-1.5.3-12.18.amzn1.x86_64
libgcrypt-1.5.3-12.18.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2015-577.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU33822
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-0837
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."
MitigationUpdate the affected packages:
i686:Vulnerable software versions
libgcrypt-debuginfo-1.5.3-12.18.amzn1.i686
libgcrypt-devel-1.5.3-12.18.amzn1.i686
libgcrypt-1.5.3-12.18.amzn1.i686
src:
libgcrypt-1.5.3-12.18.amzn1.src
x86_64:
libgcrypt-devel-1.5.3-12.18.amzn1.x86_64
libgcrypt-debuginfo-1.5.3-12.18.amzn1.x86_64
libgcrypt-1.5.3-12.18.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2015-577.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.