vulnerability

Ubuntu: (Multiple Advisories) (CVE-2016-6313): GnuPG vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Aug 18, 2016	Jul 1, 2017	Aug 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Aug 18, 2016

Added

Jul 1, 2017

Modified

Aug 18, 2025

Description

Felix Dörre and Vladimir Klebanov discovered that GnuPG incorrectly handled
mixing functions in the random number generator. An attacker able to obtain
4640 bits from the RNG can trivially predict the next 160 bits of output.

Solutions

ubuntu-upgrade-gnupgubuntu-upgrade-libgcrypt11ubuntu-upgrade-libgcrypt20

References

CVE-2016-6313
https://attackerkb.com/topics/CVE-2016-6313
CWE-200
DEBIAN-DLA-600-1
DEBIAN-DLA-602-1
DEBIAN-DSA-3649
DEBIAN-DSA-3650
NVD-CVE-2016-6313
UBUNTU-USN-3064-1
UBUNTU-USN-3065-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today