QwikSec

Security Database

CVE

CWE

Training

CVE-2015-2141

Published: Jul 1, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_BID

http://sourceforge.net/p/cryptopp/code/542/

x_refsource_CONFIRM

https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff

x_refsource_CONFIRM

openSUSE-SU-2015:1271

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.