CVE-2021-40528

CVE-2021-40528

Name

CVE-2021-40528

Description

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1
MISC	https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2
MISC	https://eprint.iacr.org/2021/923
Mailing List	https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320
cve@mitre.org	https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=3462280f2e23e16adf3ed5176e0f2413d8861320
Third Party Advisory	https://security.gentoo.org/glsa/202210-13

Type

URI

MISC

https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1

MISC

https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2

MISC

https://eprint.iacr.org/2021/923

Mailing List

https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320

cve@mitre.org

https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=3462280f2e23e16adf3ed5176e0f2413d8861320

Third Party Advisory

https://security.gentoo.org/glsa/202210-13

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:gnupg:libgcrypt::::::::`	libgcrypt	>= None	< 1.9.4

CPE URI

Source package

Min version

Max version

cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*

libgcrypt

>= None

< 1.9.4

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
libgcrypt	edge-main	1.8.5-r0	None	possibly vulnerable
libgcrypt	edge-main	1.8.4-r2	None	possibly vulnerable
libgcrypt	edge-main	1.8.3-r0	None	possibly vulnerable
libgcrypt	3.22-main	1.8.5-r0	None	possibly vulnerable
libgcrypt	3.22-main	1.8.4-r2	None	possibly vulnerable
libgcrypt	3.22-main	1.8.3-r0	None	possibly vulnerable
libgcrypt	3.21-main	1.8.5-r0	None	possibly vulnerable
libgcrypt	3.21-main	1.8.4-r2	None	possibly vulnerable
libgcrypt	3.21-main	1.8.3-r0	None	possibly vulnerable
libgcrypt	3.20-main	1.8.5-r0	None	possibly vulnerable
libgcrypt	3.20-main	1.8.4-r2	None	possibly vulnerable
libgcrypt	3.20-main	1.8.3-r0	None	possibly vulnerable
libgcrypt	3.19-main	1.8.5-r0	None	possibly vulnerable
libgcrypt	3.19-main	1.8.4-r2	None	possibly vulnerable
libgcrypt	3.19-main	1.8.3-r0	None	possibly vulnerable
libgcrypt	3.12-main	1.8.8-r1	Natanael Copa <ncopa@alpinelinux.org>	fixed
libgcrypt	3.12-main	1.8.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
libgcrypt	3.11-main	1.8.8-r1	Natanael Copa <ncopa@alpinelinux.org>	fixed
libgcrypt	3.11-main	1.8.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages