CVE-2015-2141 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-2141 Interim 1 16 2025-11-05T04:54:11Z current 2021-05-30T13:28:13Z 2025-11-05T04:54:11Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-2141 The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 openSUSE Tumbleweed libcryptopp-devel-5.6.4-1.3 libcryptopp-devel-5.6.5-1.3.1 libcryptopp-devel-8.6.0-150400.1.6 libcryptopp-devel-8.6.0-150400.3.6.1 libcryptopp-devel-static-5.6.4-1.3 libcryptopp5_6-32bit-5.6.4-1.3 libcryptopp5_6-5.6.4-1.3 libcryptopp5_6_5-5.6.5-1.3.1 libcryptopp8_6_0-8.6.0-150400.1.6 libcryptopp8_6_0-8.6.0-150400.3.6.1 libcryptopp-devel-5.6.5-1.3.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libcryptopp5_6_5-5.6.5-1.3.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libcryptopp-devel-8.6.0-150400.1.6 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libcryptopp8_6_0-8.6.0-150400.1.6 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libcryptopp-devel-8.6.0-150400.1.6 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 libcryptopp8_6_0-8.6.0-150400.1.6 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 libcryptopp-devel-8.6.0-150400.3.6.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libcryptopp8_6_0-8.6.0-150400.3.6.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libcryptopp-devel-8.6.0-150400.3.6.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libcryptopp8_6_0-8.6.0-150400.3.6.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libcryptopp-devel-5.6.4-1.3 as a component of openSUSE Tumbleweed libcryptopp-devel-static-5.6.4-1.3 as a component of openSUSE Tumbleweed libcryptopp5_6-5.6.4-1.3 as a component of openSUSE Tumbleweed libcryptopp5_6-32bit-5.6.4-1.3 as a component of openSUSE Tumbleweed The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack. CVE-2015-2141 SUSE Linux Enterprise Module for Basesystem 15 SP3:libcryptopp-devel-5.6.5-1.3.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:libcryptopp5_6_5-5.6.5-1.3.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:libcryptopp-devel-8.6.0-150400.1.6 SUSE Linux Enterprise Module for Basesystem 15 SP4:libcryptopp8_6_0-8.6.0-150400.1.6 SUSE Linux Enterprise Module for Basesystem 15 SP5:libcryptopp-devel-8.6.0-150400.1.6 SUSE Linux Enterprise Module for Basesystem 15 SP5:libcryptopp8_6_0-8.6.0-150400.1.6 SUSE Linux Enterprise Module for Basesystem 15 SP6:libcryptopp-devel-8.6.0-150400.3.6.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libcryptopp8_6_0-8.6.0-150400.3.6.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libcryptopp-devel-8.6.0-150400.3.6.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libcryptopp8_6_0-8.6.0-150400.3.6.1 openSUSE Tumbleweed:libcryptopp-devel-5.6.4-1.3 openSUSE Tumbleweed:libcryptopp-devel-static-5.6.4-1.3 openSUSE Tumbleweed:libcryptopp5_6-5.6.4-1.3 openSUSE Tumbleweed:libcryptopp5_6-32bit-5.6.4-1.3 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N