libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack (CVE-2019-12904)
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)
References:
- https://nvd.nist.gov/vuln/detail/CVE-2019-12904
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12904
Patches:
- https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
- https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
Affected branches:
-
master -
3.10-stable -
3.9-stable -
3.8-stable -
3.7-stable