The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2016-2674.html | |
http://www.debian.org/security/2016/dsa-3649 | Third Party Advisory |
http://www.debian.org/security/2016/dsa-3650 | Third Party Advisory |
http://www.securityfocus.com/bid/92527 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1036635 | |
http://www.ubuntu.com/usn/USN-3064-1 | Third Party Advisory |
http://www.ubuntu.com/usn/USN-3065-1 | Third Party Advisory |
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=blob_plain%3Bf=NEWS | |
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html | Mailing List Vendor Advisory |
https://security.gentoo.org/glsa/201610-04 | |
https://security.gentoo.org/glsa/201612-01 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2016-12-13T20:00:00
Updated: 2018-01-04T19:57:01
Reserved: 2016-07-26T00:00:00
Link: CVE-2016-6313
JSON object: View
NVD Information
Status : Modified
Published: 2016-12-13T20:59:04.267
Modified: 2023-11-07T02:33:57.647
Link: CVE-2016-6313
JSON object: View
Redhat Information
No data.
CWE