The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "libgcrypt20-udeb-dbgsym": "1.6.5-2ubuntu0.6+esm1", "libgcrypt20-doc": "1.6.5-2ubuntu0.6+esm1", "libgcrypt20": "1.6.5-2ubuntu0.6+esm1", "libgcrypt20-dev": "1.6.5-2ubuntu0.6+esm1", "libgcrypt11-dev": "1.5.4-3+really1.6.5-2ubuntu0.6+esm1", "libgcrypt20-dev-dbgsym": "1.6.5-2ubuntu0.6+esm1", "libgcrypt20-dbgsym": "1.6.5-2ubuntu0.6+esm1", "libgcrypt20-udeb": "1.6.5-2ubuntu0.6+esm1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libgcrypt-mingw-w64-dev": "1.8.1-4ubuntu1.3", "libgcrypt20-doc": "1.8.1-4ubuntu1.3", "libgcrypt20": "1.8.1-4ubuntu1.3", "libgcrypt20-dev": "1.8.1-4ubuntu1.3", "libgcrypt11-dev": "1.5.4-3+really1.8.1-4ubuntu1.3", "libgcrypt20-dev-dbgsym": "1.8.1-4ubuntu1.3", "libgcrypt20-dbgsym": "1.8.1-4ubuntu1.3", "libgcrypt20-udeb": "1.8.1-4ubuntu1.3" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libgcrypt-mingw-w64-dev": "1.8.5-5ubuntu1.1", "libgcrypt20-doc": "1.8.5-5ubuntu1.1", "libgcrypt20": "1.8.5-5ubuntu1.1", "libgcrypt20-dev": "1.8.5-5ubuntu1.1", "libgcrypt20-dev-dbgsym": "1.8.5-5ubuntu1.1", "libgcrypt20-dbgsym": "1.8.5-5ubuntu1.1", "libgcrypt20-udeb": "1.8.5-5ubuntu1.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libgcrypt-mingw-w64-dev": "1.8.7-5ubuntu2", "libgcrypt20-doc": "1.8.7-5ubuntu2", "libgcrypt20-dev-dbgsym": "1.8.7-5ubuntu2", "libgcrypt20": "1.8.7-5ubuntu2", "libgcrypt20-dbgsym": "1.8.7-5ubuntu2", "libgcrypt20-dev": "1.8.7-5ubuntu2" } ] }