UBUNTU-CVE-2013-5915

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2013-5915

Published: 04 Oct 2013, 17:55

Last modified:16 Jul 2025, 07:17

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

04 Oct 2013, 17:55

Published

Vulnerability first disclosed

16 Jul 2025, 07:17

Last Modified

Vulnerability information updated

Description

The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA private keys.

Affected Systems

ubuntu•polarssl
< 1.3.4-1

References (5)

https://ubuntu.com/security/CVE-2013-5915
https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-05
http://secunia.com/advisories/55084
http://osvdb.org/98049
https://www.cve.org/CVERecord?id=CVE-2013-5915