- Home
- CVEs with nessus.description==The crypto library libgcrypt11 has a weakness in the random number
generator.
CVE-2016-6313
Felix Dörre and Vladimir Klebanov from the Karlsruhe Institute of
Technology found a bug in the mixing functions of Libgcrypt's random
number generator. An attacker who obtains 4640 bits from the RNG can
trivially predict the next 160 bits of output.
A first analysis on the impact of this bug in GnuPG shows that
existing RSA keys are not weakened. For DSA and Elgamal keys it is
also unlikely that the private key can be predicted from other public
information.
For Debian 7 'Wheezy', these problems have been fixed in version
1.5.0-5 deb7u5.
We recommend that you upgrade your libgcrypt11 packages.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top