Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 795480 (CVE-2021-33560)

Summary: <dev-libs/libgcrypt-{1.8.8,1.9.1}: ElGamal sidechannel leak (CVE-2021-33560)
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: IN_PROGRESS ---    
Severity: normal CC: hanno, zlogene
Priority: Normal Flags: nattka: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A4 [stable?]
Package list:
dev-libs/libgcrypt-1.8.8 *
Runtime testing required: ---

Description Sam James archtester gentoo-dev Security 2021-06-12 03:39:47 UTC
"Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. (There is also an interoperability problem because the selection of the k integer value does not properly consider the differences between basic ElGamal encryption and generalized ElGamal encryption.) This, for example, affects use of ElGamal in OpenPGP."
Comment 1 Larry the Git Cow gentoo-dev 2021-06-16 16:46:59 UTC
The bug has been referenced in the following commit(s):

commit 5ebb8899e39bc7a7773fe930e68697cc48aab8d3
Author:     Sam James <>
AuthorDate: 2021-06-16 16:38:43 +0000
Commit:     Sam James <>
CommitDate: 2021-06-16 16:42:04 +0000

    dev-libs/libgcrypt: add 1.8.8
    Signed-off-by: Sam James <>

 dev-libs/libgcrypt/Manifest               |  1 +
 dev-libs/libgcrypt/libgcrypt-1.8.8.ebuild | 84 +++++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)
Comment 2 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2021-06-27 10:13:26 UTC
*** Bug 767814 has been marked as a duplicate of this bug. ***