Home

CVE-2013-4242

Description

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

Risk Information

Base Score
10.0
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.157

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in GnuPG for windows 1.4.0Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.8Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.1Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.10Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.11Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.12Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.13Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.14Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.15Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.16Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.3Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.4Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.5Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.6Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.7Windows
Multiple Vulnerabilities are affected in GnuPG for windows 1.4.10Windows
Multiple Vulnerabilities are affected in GnuPG for windows 1.4.11Windows
Multiple Vulnerabilities are affected in GnuPG for windows 1.4.12Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.17Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.18Windows
Multiple Vulnerabilities are affected in GnuPG for windows 2.0.19Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.0.0Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.2.15Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.2.16Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.2.17Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.2.18Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.2.19Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.3.0Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.3.1Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.3.2Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.3.3Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.3.4Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.3.5Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.4.0Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.4.1Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.4.3Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.4.4Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.4.5Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.0Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.1Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.10Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.11Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.2Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.3Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.4Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.5Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.6Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.7Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.8Windows
Vulnerabilities CVE-2013-4242 are affected in GnuPG for windows 0.9.9Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.0.0Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.0.1Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.0.2Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.0.3Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.0.6Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.0.7Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.2.0Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.2.1Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.2.2Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.2.3Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.2.4Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.2.5Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.2.6Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.2.7Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.0Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.1Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.2Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.3Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.4Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.6Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.90Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.91Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.92Windows
Vulnerabilities CVE-2013-4242,CVE-2013-4576,CVE-2014-4617 are affected in GnuPG for windows 1.3.93Windows
Multiple Vulnerabilities are affected in GnuPG for windows 1.4.13Windows
GNU privacy guard - a free PGP replacement (USN-1923-1) libgcrypt11_1.5.0-3ubuntu0.4_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-1923-1) libgcrypt11_1.5.0-3ubuntu0.4_amd64.debLinux
gnupg security update(DSA-3184-1) gnupg_1.4.12-7+deb7u7_i386.debLinux
(RHSA-2013:1457) Moderate: libgcrypt security update libgcrypt-1.4.4-7.el5_10.i386.rpmLinux
(RHSA-2013:1457) Moderate: libgcrypt security update libgcrypt-1.4.4-7.el5_10.x86_64.rpmLinux
(RHSA-2013:1457) Moderate: libgcrypt security update libgcrypt-devel-1.4.4-7.el5_10.i386.rpmLinux
(RHSA-2013:1457) Moderate: libgcrypt security update libgcrypt-devel-1.4.4-7.el5_10.x86_64.rpmLinux
Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4242)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234