RHSA-2016:2674

Affecting libgcrypt package, versions <0:1.5.3-13.el7_3.1

Report new vulnerabilities
medium severity
Do your applications use this vulnerable package? Test your applications

Overview

The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix(es): * A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313) Red Hat would like to thank Felix Dörre and Vladimir Klebanov for reporting this issue.

CVE
RHSA-2016:2674
Snyk ID
SNYK-CENTOS7-LIBGCRYPT-287879
Published
27 Jun, 2018