VDB

GCVE-110-MAGEIA-2018-306

GCVE-110-MAGEIA-2018-306
Advisory Published
Vulnetix · Advisory published July 1, 2018
Updated libgcrypt packages fix security vulnerability: When libgcrypt uses the private key to create a signature, such as for a TLS or SSH connection, it inadvertently leaks information through memory caches. An unprivileged attacker running on the same machine can collect the information from a few thousand signatures and recover the value of the private ECDSA or DSA key (CVE-2018-0495).

Affected Products

VendorProductVersionsPlatforms
Mageialibgcrypt1.5.4-5.5.mga5 (unaffected), 0 (affected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›