GCVE-VVD-MAGEIA-2018-306

Advisory Published

Vulnetix · Advisory published July 1, 2018

Updated libgcrypt packages fix security vulnerability: When libgcrypt uses the private key to create a signature, such as for a TLS or SSH connection, it inadvertently leaks information through memory caches. An unprivileged attacker running on the same machine can collect the information from a few thousand signatures and recover the value of the private ECDSA or DSA key (CVE-2018-0495).

Download JSON Open in Console

Affected Products

Vendor	Product	Versions	Platforms
Mageia	libgcrypt	0 (affected), 1.5.4-5.5.mga5 (unaffected)	—

References

Updated libcrypt packages fix a security vulnerability

advisory

Updated libcrypt packages fix a security vulnerability

issue

Updated libcrypt packages fix a security vulnerability

issue

Updated libcrypt packages fix a security vulnerability

issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON