CVE-2017-7526 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Private key recovery
Description	The pattern of squarings and multiplications in left-to-right sliding windows in libgcrypt <= 1.7.7 leaks significant information about exponent bits, allowing for the very efficient recovery of a full 1024-bit RSA key.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-338	libgcrypt	1.7.7-1	1.7.8-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
03 Jul 2017	ASA-201707-1	AVG-338	libgcrypt	High	private key recovery

References
https://eprint.iacr.org/2017/627 https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=a9f612def801c8145d551d995475e5d51a4c988c;hp=0e6788517eac6f508fa32ec5d5c1cada7fb980bc