CVE-2021-40529 log

Source
Severity Medium
Remote Yes
Type Information disclosure
Description
The ElGamal implementation in Botan before version 2.18.2, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
Group Package Affected Fixed Severity Status Ticket
AVG-2362 botan 2.18.1-1 2.18.2-1 Medium Fixed
References
https://eprint.iacr.org/2021/923
https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1
https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2
https://github.com/randombit/botan/pull/2790
https://github.com/randombit/botan/commit/b031bd90d4e888e886d23dccd4f60a2209edbe00