VDB

GCVE-110-MAGEIA-2016-292

GCVE-110-MAGEIA-2016-292
Advisory Published
Vulnetix · Advisory published August 31, 2016
Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output (CVE-2016-6313). The gnupg package has been patched to correct these issues. GnuPG2 is vulnerable to these issues through the libgcrypt library. The libgcrypt package has also been patched to correct this issue.

Affected Products

VendorProductVersionsPlatforms
Mageiagnupg0 (affected), 1.4.19-1.2.mga5 (unaffected)
Mageialibgcrypt0 (affected), 1.5.4-5.3.mga5 (unaffected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›