Search CVE reports
1 – 10 of 16 results
CVE-2024-2236
Low priorityA timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
2 affected packages
libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libgcrypt11 | Not in release | Not in release | Not in release | — | — |
libgcrypt20 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2021-3345
High priority_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.
2 affected packages
libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libgcrypt11 | — | — | Not in release | Not in release | Not in release |
libgcrypt20 | — | — | Not affected | Not affected | Not affected |
CVE-2019-13627
Medium priorityIt was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
2 affected packages
libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libgcrypt11 | — | — | — | Not in release | Not in release |
libgcrypt20 | — | — | — | Fixed | Fixed |
CVE-2019-12904
Low priority** DISPUTED ** In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where...
2 affected packages
libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libgcrypt11 | — | Not in release | Not in release | Not in release | Not in release |
libgcrypt20 | — | Not affected | Not affected | Not affected | Not affected |
CVE-2018-0495
Low prioritySome fixes available 18 of 19
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in...
6 affected packages
libgcrypt11, libgcrypt20, nss, openssl, openssl098, openssl1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libgcrypt11 | — | — | — | Not in release | Not in release |
libgcrypt20 | — | — | — | Fixed | Fixed |
nss | — | — | — | Fixed | Fixed |
openssl | — | — | — | Fixed | Fixed |
openssl098 | — | — | — | Not in release | Not in release |
openssl1.0 | — | — | — | Fixed | Not in release |
CVE-2018-6829
Medium prioritycipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic...
3 affected packages
gnupg, libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | Not in release | Not affected |
libgcrypt11 | — | — | — | Not in release | Not in release |
libgcrypt20 | — | — | — | Not affected | Not affected |
CVE-2017-0379
Medium priorityLibgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
2 affected packages
libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libgcrypt11 | — | — | — | — | Not in release |
libgcrypt20 | — | — | — | — | Not affected |
CVE-2017-7526
Medium prioritylibgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed...
4 affected packages
gnupg, gnupg1, libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | Not in release | Fixed |
gnupg1 | — | — | — | Not affected | Not in release |
libgcrypt11 | — | — | — | Not in release | Not in release |
libgcrypt20 | — | — | — | Not affected | Fixed |
CVE-2017-9526
Low priorityIn Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this...
2 affected packages
libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libgcrypt11 | — | — | — | Not in release | Not in release |
libgcrypt20 | — | — | — | Not affected | Fixed |
CVE-2016-6313
High priorityThe mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by...
4 affected packages
gnupg, gnupg2, libgcrypt11, libgcrypt20
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | Not in release | Fixed |
gnupg2 | — | — | — | Not affected | Not affected |
libgcrypt11 | — | — | — | Not in release | Not in release |
libgcrypt20 | — | — | — | Fixed | Fixed |