Vulnerability identifier: #VU7276
Vulnerability risk: Low
Exploitation vector: Network
Exploit availability: No
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists in libgcrypt's RSA-1024 implementation using left-to-right method for computing the sliding-window expansion. A remote attacker can perform side-channel attack and gain access to potentially sensitive information.
Update libgcrypt to version 1.7.8.
Vulnerable software versions
Libgcrypt: 1.7.0 - 1.7.7
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?