795480 – (CVE-2021-33560) <dev-libs/libgcrypt-{1.8.8,1.9.1}: ElGamal sidechannel leak (CVE-2021-33560)

Bug 795480 (CVE-2021-33560) - <dev-libs/libgcrypt-{1.8.8,1.9.1}: ElGamal sidechannel leak (CVE-2021-33560)

Summary: <dev-libs/libgcrypt-{1.8.8,1.9.1}: ElGamal sidechannel leak (CVE-2021-33560)

Status:	RESOLVED FIXED

Alias:	CVE-2021-33560

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:
Whiteboard:	A4 [glsa+]
Keywords:

Duplicates (1):	CVE-2021-3345 (view as bug list)
Depends on:
Blocks:

Reported:	2021-06-12 03:39 UTC by Sam James
Modified:	2022-10-31 02:25 UTC (History)
CC List:	3 users (show)

See Also:
Package list:	dev-libs/libgcrypt-1.8.8
Runtime testing required:	---

Flags:	nattka: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sam James archtester

2021-06-12 03:39:47 UTC

Description:
"Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. (There is also an interoperability problem because the selection of the k integer value does not properly consider the differences between basic ElGamal encryption and generalized ElGamal encryption.) This, for example, affects use of ElGamal in OpenPGP."

Comment 1 Larry the Git Cow gentoo-dev

2021-06-16 16:46:59 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ebb8899e39bc7a7773fe930e68697cc48aab8d3

commit 5ebb8899e39bc7a7773fe930e68697cc48aab8d3
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-06-16 16:38:43 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-06-16 16:42:04 +0000

    dev-libs/libgcrypt: add 1.8.8
    
    Bug: https://bugs.gentoo.org/795480
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-libs/libgcrypt/Manifest               |  1 +
 dev-libs/libgcrypt/libgcrypt-1.8.8.ebuild | 84 +++++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)

Comment 2 Mikle Kolyada (RETIRED) archtester

2021-06-27 10:13:26 UTC

*** Bug 767814 has been marked as a duplicate of this bug. ***

Comment 3 Sam James archtester

2021-09-18 19:45:30 UTC

arm done

Comment 4 Sam James archtester

2021-09-18 19:45:51 UTC

arm64 done

Comment 5 Sam James archtester

2021-09-18 19:51:14 UTC

sparc done

Comment 6 Agostino Sarubbo gentoo-dev

2021-09-19 06:37:33 UTC

ppc64 stable

Comment 7 Agostino Sarubbo gentoo-dev

2021-09-19 21:36:11 UTC

amd64 stable

Comment 8 Agostino Sarubbo gentoo-dev

2021-09-20 06:25:56 UTC

x86 stable

Comment 9 Sam James archtester

2021-09-24 15:37:26 UTC

ppc done

Comment 10 Rolf Eike Beer archtester

2021-10-20 05:11:38 UTC

hppa done

Comment 11 John Helmert III archtester

2021-10-20 13:01:36 UTC

Please cleanup.

Comment 12 John Helmert III archtester

2022-10-21 17:36:51 UTC

GLSA request filed

Comment 13 Larry the Git Cow gentoo-dev

2022-10-31 01:42:05 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=65e8a66a03a13ff76fb2733745a316822ef89c7e

commit 65e8a66a03a13ff76fb2733745a316822ef89c7e
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-10-31 01:09:53 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-31 01:40:14 +0000

    [ GLSA 202210-13 ] libgcrypt: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/766213
    Bug: https://bugs.gentoo.org/795480
    Bug: https://bugs.gentoo.org/811900
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202210-13.xml | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

Comment 14 John Helmert III archtester

2022-10-31 01:51:28 UTC

GLSA released, all done!