libgcrypt.so is vulnerable to side-channel attack. The vulnerability exists as the library fails to perform ciphertext blinding for the Elgamal decryption, allowing a local attacker to compromise the server’s private key through a crafted ciphertext and analyzing the fluctuations in the electromagnetic field during multiplication.
CPE | Name | Operator | Version |
---|---|---|---|
libgcrypt.so | le | 11.8.2 |