Red Hat Security Advisory 2014-0016-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. It was found that GnuPG was vulnerable to side-channel attacks via acoustic cryptanalysis. An attacker in close range to a target system that is decrypting ciphertexts could possibly use this flaw to recover the RSA secret key from that system.
92f13729f4b54c534a54e150e068451da996807420be54bf53c58911ac9a5647Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
ab3db282a85856e5b007899a61b52bc3ffcb2bbd489689a6786d35e69dff195fMandriva Linux Security Advisory 2013-295 - Genkin, Shamir and Tromer discovered that RSA key material could be extracted by using the sound generated by the computer during the decryption of some chosen ciphertexts. The updated packages have been patched to correct this issue.
3c334674013ce601808d392c2122d76c04aab3c1e8475ddbd9575f0e0687ed02Ubuntu Security Notice 2059-1 - Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via acoustic emanations. A local attacker could use this attack to possibly recover private keys.
16ac9e783f1fa692c48f7890174bad76117c06f8e39951e4f7f09ea68b7bdfafDebian Linux Security Advisory 2821-1 - Genkin, Shamir and Tromer discovered that RSA key material could be extracted by using the sound generated by the computer during the decryption of some chosen ciphertexts.
2c2d8746bfc6dea5665e9588d1a565e9aff727d819902a5cb1828388f1e982a2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed