GNU Libgcrypt and GnuPG Predictable Random Number Generation Vulnerability

GNU Libgcrypt and GnuPG GNU Privacy Guard are both general-purpose cryptographic libraries developed by the GNU Project based on the GnuPG code. A predictable random number generation vulnerability exists in the mixing function in GNU Libgcrypt prior to 1.6.3-2+deb8u2 and GnuPG prior to...

USN-3065-1 libgcrypt11, libgcrypt20 vulnerability

Felix Dörre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output...