1009 matches found
Updated libgcrypt packages fix security vulnerability
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989...
MGASA-2026-0212 Updated libgcrypt packages fix security vulnerability
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989...
EulerOS Virtualization 2.13.1 : libgcrypt (EulerOS-SA-2026-2374)
According to the versions of the libgcrypt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to...
EulerOS Virtualization 2.13.0 : libgcrypt (EulerOS-SA-2026-2403)
According to the versions of the libgcrypt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to...
EulerOS 2.0 SP13 : libgcrypt (EulerOS-SA-2026-2296)
According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to...
EulerOS 2.0 SP13 : libgcrypt (EulerOS-SA-2026-2339)
According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Libgcrypt vulnerabilities (USN-8319-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8319-1 advisory. It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue t...
USN-8319-1 libgcrypt20 vulnerabilities
It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue to cause Libgcrypt to crash, resulting in a denial of service. CVE-2026-41989 It was discovered that Libgcrypt incorrectly handled Dilithium signing. An attacker could possibly...
libssh: Memory Exhaustion via Repeated Key Exchange in libssh
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
Amazon Linux 2023 : libgcrypt, libgcrypt-devel (ALAS2023-2026-1705)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1705 advisory. Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989 Tenable has extracted the preceding description...
OESA-2026-2348 libgcrypt security update
Libgcrypt is a general purpose cryptographic library originally based on code from GnuPG. Security Fixes: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt.CVE-2026-41989...
OESA-2026-2347 libgcrypt security update
Libgcrypt is a general purpose cryptographic library originally based on code from GnuPG. Security Fixes: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt.CVE-2026-41989...
OESA-2026-2346 libgcrypt security update
Libgcrypt is a general purpose cryptographic library originally based on code from GnuPG. Security Fixes: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt.CVE-2026-41989...
OESA-2026-2345 libgcrypt security update
Libgcrypt is a general purpose cryptographic library originally based on code from GnuPG. Security Fixes: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt.CVE-2026-41989...
Medium: libgcrypt
Issue Overview: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989 Affected Packages: libgcrypt Issue Correction: Run dnf update libgcrypt --releasever 2023.11.20260514 or dnf update --advisory...
JLSEC-2026-497 Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds...
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
JLSEC-2026-496 Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via...
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...
Unity Linux 20.1060e / 20.1070e Security Update: libgcrypt (UTSA-2026-017437)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017437 advisory. The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous...
Unity Linux 20.1060e / 20.1070e Security Update: libgcrypt (UTSA-2026-017573)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017573 advisory. Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpipowm, and...
CVE-2026-41989 affecting package libgcrypt for versions less than 1.10.3-2
CVE-2026-41989 affecting package libgcrypt for versions less than 1.10.3-2. A patched version of the package is available...