VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Aug 19, 2013· Updated Apr 29, 2026

CVE-2013-4242

CVE-2013-4242

Description

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

Affected products

96
  • Canonical (company)/Ubuntu Linux4 versions
    cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
  • Debian/Debian Linux2 versions
    cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • Gnupg/Gnupg80 versions
    cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*+ 79 more
    • cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*range: <=1.4.13
    • cpe:2.3:a:gnupg:gnupg:0.0.0:-:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.2.15:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.2.16:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.2.17:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.2.18:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.2.19:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.9:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:0.9.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.4:-:win32:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.5:-:win32:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.1:windows:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.90:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.91:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.92:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.3.93:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*
  • Gnupg/Libgcrypt8 versions
    cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*range: <=1.5.2
    • cpe:2.3:a:gnupg:libgcrypt:1.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:libgcrypt:1.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:libgcrypt:1.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:libgcrypt:1.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:libgcrypt:1.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:libgcrypt:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnupg:libgcrypt:1.5.1:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

16

News mentions

0

No linked articles in our index yet.