Vulnerability Details CVE-2021-40530
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.9%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 2.6
Products affected by CVE-2021-40530
- cpe:2.3:a:cryptopp:crypto++:5.0
- cpe:2.3:a:cryptopp:crypto++:5.1
- cpe:2.3:a:cryptopp:crypto++:5.2
- cpe:2.3:a:cryptopp:crypto++:5.2.1
- cpe:2.3:a:cryptopp:crypto++:5.2.3
- cpe:2.3:a:cryptopp:crypto++:5.3.0
- cpe:2.3:a:cryptopp:crypto++:5.4
- cpe:2.3:a:cryptopp:crypto++:5.5
- cpe:2.3:a:cryptopp:crypto++:5.5.1
- cpe:2.3:a:cryptopp:crypto++:5.5.2
- cpe:2.3:a:cryptopp:crypto++:5.6.0
- cpe:2.3:a:cryptopp:crypto++:5.6.1
- cpe:2.3:a:cryptopp:crypto++:5.6.2
- cpe:2.3:a:cryptopp:crypto++:5.6.3
- cpe:2.3:a:cryptopp:crypto++:5.6.4
- cpe:2.3:a:cryptopp:crypto++:5.6.5
- cpe:2.3:a:cryptopp:crypto++:6.0.0
- cpe:2.3:a:cryptopp:crypto++:6.1.0
- cpe:2.3:a:cryptopp:crypto++:7.0.0
- cpe:2.3:a:cryptopp:crypto++:8.0.0
- cpe:2.3:a:cryptopp:crypto++:8.1.0
- cpe:2.3:a:cryptopp:crypto++:8.2.0
- cpe:2.3:a:cryptopp:crypto++:8.3.0
- cpe:2.3:a:cryptopp:crypto++:8.4.0
- cpe:2.3:o:fedoraproject:fedora:33
- cpe:2.3:o:fedoraproject:fedora:34
- cpe:2.3:o:fedoraproject:fedora:35