vulnerability

FreeBSD: VID-e1c71d8d-64d9-11e6-b38a-25a46b33f2ed (CVE-2016-6313): gnupg -- attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Aug 18, 2016	Dec 10, 2025	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Aug 18, 2016

Added

Dec 10, 2025

Modified

Dec 10, 2025

Description

Werner Koch reports: There was a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and Libgcrypt versions.

Solutions

freebsd-upgrade-package-gnupg1freebsd-upgrade-package-libgcryptfreebsd-upgrade-package-linux-c6-libgcryptfreebsd-upgrade-package-linux-c7-libgcrypt

References

CVE-2016-6313
https://attackerkb.com/topics/CVE-2016-6313
CWE-200

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today