ECDSA Timing Attack Vulnerability in libgcrypt20 by GnuPG
CVE-2019-13627
6.3MEDIUM
What is CVE-2019-13627?
A vulnerability was identified in the libgcrypt20 cryptographic library where an ECDSA timing attack could potentially allow attackers to recover private keys. This vulnerability affects specific versions of the library, and it's crucial for users to update to the fixed versions to mitigate the risk. Patching to versions 1.8.5-2 or 1.6.3-2+deb8u7 is highly advised to ensure security and protect sensitive data.