CVE-2017-14737 log
Source |
|
Severity | Medium |
Remote | No |
Type | Information disclosure |
Description | A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-416 | botan | 2.2.0-1 | 2.3.0-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
12 Oct 2017 | ASA-201710-17 | AVG-416 | botan | Medium | information disclosure |