QwikSec

Security Database

CVE

CWE

Training

CVE-2021-40528

Published: Sep 6, 2021

Modified: Jun 9, 2025

PUBLISHED

Description

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://eprint.iacr.org/2021/923

https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1

https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2

https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=3462280f2e23e16adf3ed5176e0f2413d8861320

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.