Description:
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)

Severity: Medium
More Information: https://security-tracker.debian.org/tracker/CVE-2019-12904

Namespace: debian:10
Feature: libgcrypt20
Feature Version: 1.8.4-5
Fixed By Version:
Assessment:
Unassessed by Unknown on

Images From The Clair Vulnerability Source

Feed Repository Tag Assessed Unassessed
No images are associated with this layer