Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-175-1 | gnupg security update |
![]() |
DLA-190-1 | libgcrypt11 security update |
![]() |
DSA-3184-1 | gnupg security update |
![]() |
DSA-3185-1 | libgcrypt11 security update |
![]() |
EUVD-2014-3565 | Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication. |
![]() |
USN-2554-1 | GnuPG vulnerabilities |
![]() |
USN-2555-1 | Libgcrypt vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Sun, 13 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T10:50:17.627Z
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3591

No data.

Status : Modified
Published: 2019-11-29T22:15:11.703
Modified: 2024-11-21T02:08:27.843
Link: CVE-2014-3591


No data.