Main Vulnerability Database SB2020110924

SB2020110924 - Red Hat Enterprise Linux 8 update for libgcrypt

Published: November 9, 2020

Security Bulletin ID SB2020110924

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Description

This security bulletin contains information about 1 security vulnerability.

1) Cryptographic issues (CVE-ID: CVE-2019-13627)

The vulnerability allows a remote attacker to perform timing attack.

The vulnerability exists due to an error within the libgcrypt20 cryptographic library. A remote attacker can perform ECDSA timing attack.

Install update from vendor's website.