Fixed
Created: May 14, 2018
Updated: Jul 15, 2020
Resolved Date: Jul 15, 2020
Found In Version: unknown
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
https://nvd.nist.gov/vuln/detail/CVE-2018-6829