Your submission was sent successfully! Close

CVE-2021-3345

Published: 29 January 2021

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.

Priority

High

CVSS 3 base score: 7.8

Status

Package Release Status
libgcrypt11
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

groovy Does not exist

precise Not vulnerable
(1.5.0-3ubuntu0.9)
trusty Not vulnerable
(1.5.3-2ubuntu4.6+esm1)
upstream Needs triage

xenial Does not exist

libgcrypt20
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(1.8.1-4ubuntu1.2)
focal Not vulnerable
(1.8.5-5ubuntu1)
groovy Not vulnerable
(1.8.5-5ubuntu2)
precise Does not exist

trusty Does not exist

upstream
Released (1.9.1)
xenial Not vulnerable
(1.6.5-2ubuntu0.6)