Libgcrypt ECDH Buffer Overwrite Vulnerability

56% confidence

Description

This version fixes a security bug [T8211] which can be used to mount a DoS using ECDH encryption (with NIST, Brainpool, X448, or X25519 curves). Note that GnuPG versions since 2.5.7 are not affected by this bug due to the use of a different encryption API.

Affected Products

Vendor	Product	Versions
gnupg	libgcrypt	< 1.12.2, < 1.11.3, < 1.10.4

Related News (1 articles)

Tier C

oss-security4h ago

Libgcrypt security releases 1.12.2, 1.11.3, 1.10.x

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

1.12.2

PublishedApr 21, 2026

Last enriched2h agov2

Community Vote

0 upvotes0 downvotes

Version History

Last enriched 2h ago

v2Tier C2h ago

Updated description with new technical details, added patch version 1.12.2, and included new MITRE ATT&CK techniques T8211 and T8208.

descriptionpatchAvailableiocsmitreAttack

via oss-security

v14h ago

Initial creation

Libgcrypt ECDH Buffer Overwrite Vulnerability

Description

Affected Products

Related News (1 articles)

Community Vote

Related CVEs (3)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History