Support Content Notification - Support Portal

BSA-2017-457

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21624

Last Updated

24 December 2018

Initial Publication Date

17 November 2017

Status

Closed

Severity

Low

CVSS Base Score

1.9

WorkAround

N/A

Affected CVE

CVE-2013-4242

Summary
Security Advisory ID : BSA-2017-457
Component : GnuPG & Libgcrypt
Revision : 2.0: Final

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

Affected Products

No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.

Revision History

Version	Change	Date
1.0	Initial Publication	November 17, 2017
2.0	Updated for Fibre Channel Only	December 24, 2018

Summary Security Advisory ID : BSA-2017-457 Component : GnuPG & Libgcrypt Revision : 2.0: Final

Revision History

Summary
Security Advisory ID : BSA-2017-457
Component : GnuPG & Libgcrypt
Revision : 2.0: Final