Search for packages
| purl | pkg:deb/ubuntu/libgcrypt20@1.7.3-2 |
| Next non-vulnerable version | 1.8.5-5ubuntu1.1 |
| Latest non-vulnerable version | 1.8.5-5ubuntu1.1 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2z7d-8u2h-aaaa
Aliases: CVE-2019-13627 |
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. |
Affected by 3 other vulnerabilities. |
|
VCID-6546-cx94-aaah
Aliases: CVE-2021-33560 |
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP. |
Affected by 0 other vulnerabilities. |
|
VCID-av6f-h7c6-aaaq
Aliases: CVE-2017-9526 |
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point operations are used in the MPI library. |
Affected by 6 other vulnerabilities. |
|
VCID-d91d-8t7r-aaag
Aliases: CVE-2018-0495 |
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. |
Affected by 4 other vulnerabilities. |
|
VCID-tegv-r6ak-aaaa
Aliases: CVE-2021-40528 |
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. |
Affected by 0 other vulnerabilities. |
|
VCID-vavn-12uu-aaan
Aliases: CVE-2017-7526 |
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used. |
Affected by 5 other vulnerabilities. |
|
VCID-zyrm-1dsx-aaab
Aliases: CVE-2021-3345 |
_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later. |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|