Critical Vulnerability in Libgcrypt Library: Version 1.9.0 of the libgcrypt cryptographic library has a heap-based buffer overflow vulnerability that allows attackers to conduct Remote Code Execution (RCE) attacks.
Libgcrypt is a general-purpose cryptographic library that provides a wide array of cryptographic functions, such as symmetric key algorithms (with different modes of operation), public key algorithms, hash algorithms, MACs (Message Authentication Codes) and RNGs (Random Number Generators). The library is originally based on code from GnuPG (GNU Privacy Guard).
Because it is used to implement OpenPGP, libgcrypt is found in many Linux distributions. Libgcrypt is also widely used in custom installations on a variety of platforms (Linux, Unix, macOS), since it is POSIX (Portable Operating System Interface) compatible.
The vulnerability, disclosed by Google Project Zero researcher Tavis Ormandy, is a heap-based buffer overflow in Libgcrypt version 1.9.0 that allows attackers to run arbitrary code on the victim system. It is considered critical because it could be exploited remotely with no authentication and could lead to full system takeover.
The flaw was introduced with the version 1.9.0 release; previous versions are not affected by it. No CVE ID has been assigned to the vulnerability yet; one is pending.
Unauthenticated remote attackers could run arbitrary code (Remote Code Execution) on victim systems because of the heap-based buffer overflow vulnerability.
Category: Remote Code Execution
CVSS 3.1 Base Score: N/A
CVSS 3.1 Vector: N/A
The vulnerability exists only in Libgcrypt 1.9.0 and does not affect older versions. To defend against possible attacks exploiting this vulnerability, update Libgcrypt to version 1.9.1, which has been released by the Libgcrypt project.
Note that other applications that make use of the libgcrypt library are also affected by the vulnerability, and such software needs to be updated or patched separately according to the manufacturer's advisory. One application affected in this way is Homebrew, an open source package management system for macOS. An updated version of Homebrew has fixed the issue.
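One way to check a host for the affected release, as an added example that is not part of the original advisory or the Libgcrypt project: the shell functions below (their names are this example's own) classify a version string and read the libgcrypt version reported by `gpg --version` and `libgcrypt-config --version`. The sample gpg output is constructed.

```shell
#!/bin/sh
# Added example: flag libgcrypt 1.9.0, the only release the advisory lists as affected.

# Classify a version string; prints affected | older-not-affected | fixed | unknown.
classify_libgcrypt() {
    # Keep the first MAJOR.MINOR.PATCH triple; suffixes such as "-beta" are ignored.
    ver=$(printf '%s\n' "$1" | sed -n 's/^[^0-9]*\([0-9]\{1,\}\.[0-9]\{1,\}\.[0-9]\{1,\}\).*/\1/p' | head -n 1)
    [ -n "$ver" ] || { echo unknown; return 0; }
    old_ifs=$IFS; IFS=.; set -- $ver; IFS=$old_ifs
    major=$1; minor=$2; patch=$3
    if [ "$major" -eq 1 ] && [ "$minor" -eq 9 ] && [ "$patch" -eq 0 ]; then
        echo affected
    elif [ "$major" -lt 1 ] || { [ "$major" -eq 1 ] && [ "$minor" -lt 9 ]; }; then
        echo older-not-affected      # releases before 1.9.0
    else
        echo fixed                   # 1.9.1 or later
    fi
}

# Read the "libgcrypt X.Y.Z" line that `gpg --version` prints (input on stdin).
libgcrypt_from_gpg() {
    sed -n 's/^libgcrypt \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Constructed sample of `gpg --version` output (not captured from a real host).
SAMPLE_GPG_OUTPUT='gpg (GnuPG) 2.2.27
libgcrypt 1.9.0
Copyright (C) 2021 Free Software Foundation, Inc.'

# Report what the locally installed tools say, skipping any tool that is absent.
scan_local() {
    if command -v libgcrypt-config >/dev/null 2>&1; then
        v=$(libgcrypt-config --version)
        echo "libgcrypt-config: $v -> $(classify_libgcrypt "$v")"
    fi
    if command -v gpg >/dev/null 2>&1; then
        v=$(gpg --version | libgcrypt_from_gpg)
        echo "gpg links against: $v -> $(classify_libgcrypt "$v")"
    fi
}

# Only touch the local system when asked to.
if [ "${1:-}" = "--scan" ]; then scan_local; fi
```

Run the script with `--scan` to check the local tools. It only sees the copies those two commands report; software that bundles its own libgcrypt still has to be checked against its vendor's advisory.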
"Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break. It’s not even hard. What is hard is creating an algorithm that no one else can break, even after years of analysis." - Bruce Schneier