CVE-2018-6829 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-6829 Interim 1 26 2023-02-10T01:55:34Z current 2021-05-30T14:10:53Z 2023-02-10T01:55:34Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-6829 cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Magnum Orchestration 7 SUSE Container as a Service Platform 2.0 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 LTSS SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 libgcrypt libgcrypt-devel libgcrypt-devel-32bit libgcrypt11 libgcrypt11-32bit libgcrypt20 libgcrypt20-32bit libgcrypt20-hmac libgcrypt20-hmac-32bit libgcrypt as a component of Magnum Orchestration 7 libgcrypt as a component of SUSE Container as a Service Platform 2.0 libgcrypt20 as a component of SUSE Linux Enterprise Desktop 12 SP3 libgcrypt20-32bit as a component of SUSE Linux Enterprise Desktop 12 SP3 libgcrypt as a component of SUSE Linux Enterprise Desktop 12 SP3 libgcrypt-devel as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS libgcrypt20 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS libgcrypt20-32bit as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS libgcrypt20-hmac as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS libgcrypt20-hmac-32bit as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS libgcrypt as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS libgcrypt20 as a component of SUSE Linux Enterprise Micro 5.0 libgcrypt as a component of SUSE Linux Enterprise Micro 5.0 libgcrypt20 as a component of SUSE Linux Enterprise Micro 5.1 libgcrypt20-hmac as a component of SUSE Linux Enterprise Micro 5.1 libgcrypt as a component of SUSE Linux Enterprise Micro 5.1 libgcrypt-devel as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libgcrypt20 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libgcrypt20-32bit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libgcrypt20-hmac as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libgcrypt20-hmac-32bit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libgcrypt as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libgcrypt as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata libgcrypt as a component of SUSE Linux Enterprise Server 11 SP3 LTSS libgcrypt as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata libgcrypt11 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS libgcrypt11-32bit as a component of SUSE Linux Enterprise Server 11 SP4-LTSS libgcrypt as a component of SUSE Linux Enterprise Server 11 SP4-LTSS libgcrypt20 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS libgcrypt20-32bit as a component of SUSE Linux Enterprise Server 12 SP1-LTSS libgcrypt20-hmac as a component of SUSE Linux Enterprise Server 12 SP1-LTSS libgcrypt20-hmac-32bit as a component of SUSE Linux Enterprise Server 12 SP1-LTSS libgcrypt as a component of SUSE Linux Enterprise Server 12 SP1-LTSS libgcrypt20 as a component of SUSE Linux Enterprise Server 12 SP2 libgcrypt20-32bit as a component of SUSE Linux Enterprise Server 12 SP2 libgcrypt20-hmac as a component of SUSE Linux Enterprise Server 12 SP2 libgcrypt20-hmac-32bit as a component of SUSE Linux Enterprise Server 12 SP2 libgcrypt as a component of SUSE Linux Enterprise Server 12 SP2 libgcrypt20 as a component of SUSE Linux Enterprise Server 12 SP3 libgcrypt20-32bit as a component of SUSE Linux Enterprise Server 12 SP3 libgcrypt20-hmac as a component of SUSE Linux Enterprise Server 12 SP3 libgcrypt20-hmac-32bit as a component of SUSE Linux Enterprise Server 12 SP3 libgcrypt as a component of SUSE Linux Enterprise Server 12 SP3 libgcrypt20 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libgcrypt20-32bit as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libgcrypt20-hmac as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libgcrypt20-hmac-32bit as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libgcrypt as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libgcrypt20 as a component of SUSE Linux Enterprise Server 12-LTSS libgcrypt20-32bit as a component of SUSE Linux Enterprise Server 12-LTSS libgcrypt20-hmac as a component of SUSE Linux Enterprise Server 12-LTSS libgcrypt20-hmac-32bit as a component of SUSE Linux Enterprise Server 12-LTSS libgcrypt as a component of SUSE Linux Enterprise Server 12-LTSS libgcrypt-devel as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libgcrypt-devel-32bit as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libgcrypt as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libgcrypt-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 libgcrypt as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 libgcrypt-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libgcrypt as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation. CVE-2018-6829 Magnum Orchestration 7:libgcrypt SUSE Container as a Service Platform 2.0:libgcrypt SUSE Linux Enterprise Desktop 12 SP3:libgcrypt SUSE Linux Enterprise Desktop 12 SP3:libgcrypt20 SUSE Linux Enterprise Desktop 12 SP3:libgcrypt20-32bit SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libgcrypt SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libgcrypt-devel SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libgcrypt20 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libgcrypt20-32bit SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libgcrypt20-hmac SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libgcrypt20-hmac-32bit SUSE Linux Enterprise Micro 5.0:libgcrypt SUSE Linux Enterprise Micro 5.0:libgcrypt20 SUSE Linux Enterprise Micro 5.1:libgcrypt SUSE Linux Enterprise Micro 5.1:libgcrypt20 SUSE Linux Enterprise Micro 5.1:libgcrypt20-hmac SUSE Linux Enterprise Module for Basesystem 15 SP3:libgcrypt SUSE Linux Enterprise Module for Basesystem 15 SP3:libgcrypt-devel SUSE Linux Enterprise Module for Basesystem 15 SP3:libgcrypt20 SUSE Linux Enterprise Module for Basesystem 15 SP3:libgcrypt20-32bit SUSE Linux Enterprise Module for Basesystem 15 SP3:libgcrypt20-hmac SUSE Linux Enterprise Module for Basesystem 15 SP3:libgcrypt20-hmac-32bit SUSE Linux Enterprise Server 11 SP1 for Teradata:libgcrypt SUSE Linux Enterprise Server 11 SP3 LTSS:libgcrypt SUSE Linux Enterprise Server 11 SP3 for Teradata:libgcrypt SUSE Linux Enterprise Server 11 SP4-LTSS:libgcrypt SUSE Linux Enterprise Server 11 SP4-LTSS:libgcrypt11 SUSE Linux Enterprise Server 11 SP4-LTSS:libgcrypt11-32bit SUSE Linux Enterprise Server 12 SP1-LTSS:libgcrypt SUSE Linux Enterprise Server 12 SP1-LTSS:libgcrypt20 SUSE Linux Enterprise Server 12 SP1-LTSS:libgcrypt20-32bit SUSE Linux Enterprise Server 12 SP1-LTSS:libgcrypt20-hmac SUSE Linux Enterprise Server 12 SP1-LTSS:libgcrypt20-hmac-32bit SUSE Linux Enterprise Server 12 SP2:libgcrypt SUSE Linux Enterprise Server 12 SP2:libgcrypt20 SUSE Linux Enterprise Server 12 SP2:libgcrypt20-32bit SUSE Linux Enterprise Server 12 SP2:libgcrypt20-hmac SUSE Linux Enterprise Server 12 SP2:libgcrypt20-hmac-32bit SUSE Linux Enterprise Server 12 SP3:libgcrypt SUSE Linux Enterprise Server 12 SP3:libgcrypt20 SUSE Linux Enterprise Server 12 SP3:libgcrypt20-32bit SUSE Linux Enterprise Server 12 SP3:libgcrypt20-hmac SUSE Linux Enterprise Server 12 SP3:libgcrypt20-hmac-32bit SUSE Linux Enterprise Server 12 SP4-LTSS:libgcrypt SUSE Linux Enterprise Server 12 SP4-LTSS:libgcrypt20 SUSE Linux Enterprise Server 12 SP4-LTSS:libgcrypt20-32bit SUSE Linux Enterprise Server 12 SP4-LTSS:libgcrypt20-hmac SUSE Linux Enterprise Server 12 SP4-LTSS:libgcrypt20-hmac-32bit SUSE Linux Enterprise Server 12-LTSS:libgcrypt SUSE Linux Enterprise Server 12-LTSS:libgcrypt20 SUSE Linux Enterprise Server 12-LTSS:libgcrypt20-32bit SUSE Linux Enterprise Server 12-LTSS:libgcrypt20-hmac SUSE Linux Enterprise Server 12-LTSS:libgcrypt20-hmac-32bit SUSE Linux Enterprise Software Development Kit 11 SP4:libgcrypt SUSE Linux Enterprise Software Development Kit 11 SP4:libgcrypt-devel SUSE Linux Enterprise Software Development Kit 11 SP4:libgcrypt-devel-32bit SUSE Linux Enterprise Software Development Kit 12 SP2:libgcrypt SUSE Linux Enterprise Software Development Kit 12 SP2:libgcrypt-devel SUSE Linux Enterprise Software Development Kit 12 SP3:libgcrypt SUSE Linux Enterprise Software Development Kit 12 SP3:libgcrypt-devel moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N