GHSA-wrv8-79m2-qg24MediumCVSS 6.7
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via...
🔗 CVE IDs covered (1)
📋 Description
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.
🔗 References (7)
- https://nvd.nist.gov/vuln/detail/CVE-2026-41989
- https://dev.gnupg.org/T8211
- https://lists.gnupg.org/pipermail/gnupg-announce/2026q2/000503.html
- https://www.openwall.com/lists/oss-security/2026/04/21/1
- https://cert-portal.siemens.com/productcert/html/ssa-019113.html
- https://cert-portal.siemens.com/productcert/html/ssa-082556.html
- https://github.com/advisories/GHSA-wrv8-79m2-qg24