CVE-2015-2141
EPSS 0.40%libcrypto++ - security update
發布日:2015/7/1修改日:2026/4/28
描述
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack.
受影響套件(3)
- Debian/libcrypto++from 0, < 5.6.1-7
- Debian/libcrypto++from 0, < 5.6.0-6+deb6u1
- Debian/libcrypto++from 0, < 5.6.1-6+deb7u1