libgcrypt20 vulnerabilities and exploits

(subscribe to this query)

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote malicious user to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

1 Github repository

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.

Gnupg Libgcrypt 1.9.0 Oracle Communications Billing And Revenue Management 12.0.0.3.0

2 Github repositories

The mpi_powm function in Libgcrypt prior to 1.6.3 and GnuPG prior to 1.4.19 allows malicious users to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel ...

Gnupg Gnupg Gnupg Libgcrypt Debian Debian Linux 7.0 Debian Debian Linux 8.0

Libgcrypt prior to 1.6.3 and GnuPG prior to 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate malicious users to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the ...

Gnupg Gnupg Gnupg Libgcrypt Debian Debian Linux 7.0 Debian Debian Linux 8.0

It exists that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.

Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 19.04 Canonical Ubuntu Linux 19.10 Opensuse Leap 15.0 Opensuse Leap 15.1 Libgcrypt20 Project Libgcrypt20 1.6.3-2\\+deb8u4 Libgcrypt20 Project Libgcrypt20 1.7.6-2\\+deb9u3 Libgcrypt20 Project Libgcrypt20 1.8.4-5

1 Github repository

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computatio...

Gnupg Libgcrypt Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 12.04 Debian Debian Linux 8.0 Debian Debian Linux 9.0

Libgcrypt prior to 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for malicious users to discover a secret key, related to cipher/ecc.c and mpi/ec.c.

Gnupg Libgcrypt Debian Debian Linux 9.0

In Libgcrypt prior to 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that con...

Gnupg Libgcrypt

Libgcrypt prior to 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate malicious users to extract ECDH keys by measuring electromagnetic emanations.

Gnupg Libgcrypt Debian Debian Linux 8.0 Debian Debian Linux 7.0 Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 15.10 Canonical Ubuntu Linux 14.04

1 Article

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook