CVE-2018-6829
HIGHLibgcrypt < 1.8.2 - Information Disclosure via ElGamal Ciphertext-Only Attack
Title source: llmDescription
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
References (4)
Core 4
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki
Issue Tracking, Third Party Advisory x_refsource_misc
https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html
Third Party Advisory x_refsource_misc
https://github.com/weikengchen/attack-on-libgcrypt-elgamal
Vendor Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujan2020.html
Scores
CVSS v3
7.5
EPSS
0.0181
EPSS Percentile
76.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-327
Status
published
Products (1)
gnupg/libgcrypt
< 1.8.2
Published
Feb 07, 2018
Tracked Since
Feb 18, 2026