CVE-2021-33560 log

Severity Medium
Remote Yes
Type Private key recovery
Libgcrypt before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. (There is also an interoperability problem because the selection of the k integer value does not properly consider the differences between basic ElGamal encryption and generalized ElGamal encryption.) This, for example, affects use of ElGamal in OpenPGP.
Group Package Affected Fixed Severity Status Ticket
AVG-2014 lib32-libgcrypt15 1.5.6-5 Medium Vulnerable
AVG-2013 libgcrypt15 1.5.6-4 Medium Vulnerable
AVG-2012 lib32-libgcrypt 1.9.2-1 1.9.3-1 Medium Fixed
AVG-2011 libgcrypt 1.9.2-1 1.9.3-1 Medium Fixed