VDB

GCVE-VVD-MAGEIA-2018-306

GCVE-VVD-MAGEIA-2018-306
Advisory Published
Vulnetix · Advisory published July 1, 2018
Updated libgcrypt packages fix security vulnerability: When libgcrypt uses the private key to create a signature, such as for a TLS or SSH connection, it inadvertently leaks information through memory caches. An unprivileged attacker running on the same machine can collect the information from a few thousand signatures and recover the value of the private ECDSA or DSA key (CVE-2018-0495).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageialibgcrypt0 (affected), 1.5.4-5.5.mga5 (unaffected)

References

Updated libcrypt packages fix a security vulnerability
advisory
Updated libcrypt packages fix a security vulnerability
issue
Updated libcrypt packages fix a security vulnerability
issue
Updated libcrypt packages fix a security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›