CVE-2018-6829 — Use of a Broken or Risky Cryptographic Algorithm in Libgcrypt
Severity
7.5HIGHNVD
EPSS
0.5%
top 33.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 7
Latest updateMay 13
Description
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6
Affected Packages1 packages
🔴Vulnerability Details
3📋Vendor Advisories
3Oracle▶
Oracle Oracle Communications Applications Risk Matrix: General (libgcrypt) — CVE-2018-6829↗2020-01-15
Red Hat▶
libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information↗2018-02-08
Debian▶
CVE-2018-6829: gnupg1 - cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages direc...↗2018
💬Community
4Bugzilla▶
CVE-2018-6829 mingw-libgcrypt: libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information [epel-7]↗2018-02-08
Bugzilla▶
CVE-2018-6829 libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information [fedora-all]↗2018-02-08
Bugzilla▶
CVE-2018-6829 mingw-libgcrypt: libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information [fedora-all]↗2018-02-08
Bugzilla▶
CVE-2018-6829 libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information↗2018-02-08