Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 16 results


CVE-2024-2236

Medium priority
Vulnerable

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

2 affected packages

libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libgcrypt11 Not in release Not in release Not in release
libgcrypt20 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2021-3345

High priority
Not affected

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.

2 affected packages

libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libgcrypt11 Not in release Not in release Not in release
libgcrypt20 Not affected Not affected Not affected
Show less packages

CVE-2019-13627

Medium priority
Fixed

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.

2 affected packages

libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libgcrypt11 Not in release Not in release
libgcrypt20 Fixed Fixed
Show less packages

CVE-2019-12904

Low priority
Ignored

** DISPUTED ** In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where...

2 affected packages

libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libgcrypt11 Not in release Not in release Not in release Not in release
libgcrypt20 Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-0495

Low priority

Some fixes available 18 of 19

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in...

6 affected packages

libgcrypt11, libgcrypt20, nss, openssl, openssl098, openssl1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libgcrypt11 Not in release Not in release
libgcrypt20 Fixed Fixed
nss Fixed Fixed
openssl Fixed Fixed
openssl098 Not in release Not in release
openssl1.0 Fixed Not in release
Show less packages

CVE-2018-6829

Medium priority
Not affected

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic...

3 affected packages

gnupg, libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnupg Not in release Not affected
libgcrypt11 Not in release Not in release
libgcrypt20 Not affected Not affected
Show less packages

CVE-2017-0379

Medium priority
Fixed

Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.

2 affected packages

libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libgcrypt11 Not in release
libgcrypt20 Not affected
Show less packages

CVE-2017-7526

Medium priority
Fixed

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed...

4 affected packages

gnupg, gnupg1, libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnupg Not in release Fixed
gnupg1 Not affected Not in release
libgcrypt11 Not in release Not in release
libgcrypt20 Not affected Fixed
Show less packages

CVE-2017-9526

Low priority
Fixed

In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this...

2 affected packages

libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libgcrypt11 Not in release Not in release
libgcrypt20 Not affected Fixed
Show less packages

CVE-2016-6313

High priority
Fixed

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by...

4 affected packages

gnupg, gnupg2, libgcrypt11, libgcrypt20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnupg Not in release Fixed
gnupg2 Not affected Not affected
libgcrypt11 Not in release Not in release
libgcrypt20 Fixed Fixed
Show less packages