Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Libgcrypt vulnerabilities (USN-8319-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8319-1 advisory. It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue t...

USN-8319-1 libgcrypt20 vulnerabilities

It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue to cause Libgcrypt to crash, resulting in a denial of service. CVE-2026-41989 It was discovered that Libgcrypt incorrectly handled Dilithium signing. An attacker could possibly...

OESA-2026-2347 libgcrypt security update

Libgcrypt is a general purpose cryptographic library originally based on code from GnuPG. Security Fixes: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt.CVE-2026-41989...

Medium: libgcrypt

Issue Overview: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989 Affected Packages: libgcrypt Issue Correction: Run dnf update libgcrypt --releasever 2023.11.20260514 or dnf update --advisory...

JLSEC-2026-496 Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via...

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

SUSE CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the gcrypkdecrypt function when processing crafted ECDH ciphertext. An attacker can cause a heap-based buffer overflow and potentially achieve denial of service or impact integrity and availability by supplying...

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

Libgcrypt 缓冲区错误漏洞

Libgcrypt is a general-purpose encryption library based on GnuPG code from the American GNU community. This library implements various encryption algorithms, including symmetric ciphers, hash algorithms, public key algorithms, etc. Versions of Libgcrypt prior to 1.12.2 contained a buffer error...

PT-2026-34640

Name of the Vulnerable Software and Affected Versions Libgcrypt versions prior to 1.12.2 Description A heap-based buffer overflow and denial of service can occur when processing crafted ECDH ciphertext through the gcry pk decrypt function. Recommendations Update to version 1.12.2 or later...