CVE-2021-33560

7.5 HIGH

📋 TL;DR

This vulnerability in Libgcrypt exposes ElGamal encryption to side-channel attacks: the modular exponentiation lacks exponent blinding and the window size is not chosen appropriately. Attackers can potentially recover private keys from the leakage of cryptographic operations. This affects any application using Libgcrypt's ElGamal implementation, particularly OpenPGP implementations.

💻 Affected Systems

Products:
  • Libgcrypt
  • GnuPG
  • OpenPGP implementations
  • Applications using Libgcrypt for ElGamal encryption
Versions: Libgcrypt before 1.8.8 and 1.9.x before 1.9.3
Operating Systems: Linux, Unix-like systems, Any OS using vulnerable Libgcrypt
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using ElGamal encryption. Many modern systems use RSA or ECC instead, reducing exposure.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of encrypted communications through private key recovery, leading to data decryption and impersonation attacks.

🟠 Likely Case

Targeted attacks against high-value systems using ElGamal encryption to extract private keys over time through side-channel analysis.

🟢 If Mitigated

Limited impact if systems use alternative encryption algorithms or have patched versions, though ElGamal operations remain vulnerable until patched.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires side-channel access to cryptographic operations and significant computational resources. Academic papers demonstrate the attack methodology.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Libgcrypt 1.8.8 (1.8.x branch) or 1.9.3 (1.9.x branch)

Vendor Advisory: https://dev.gnupg.org/T5305

Restart Required: Yes

Instructions:

1. Update Libgcrypt to version 1.8.8 or 1.9.3.
2. For Debian/Ubuntu: apt update && apt upgrade libgcrypt20
3. For RHEL/CentOS: yum update libgcrypt
4. Restart affected services using Libgcrypt.

🔧 Temporary Workarounds

Disable ElGamal Usage

Configure applications to use alternative encryption algorithms like RSA or ECC instead of ElGamal.

For GnuPG: Edit ~/.gnupg/gpg.conf and add 'disable-cipher ELGAMAL'

🧯 If You Can't Patch

  • Disable ElGamal encryption in all applications and migrate to RSA or ECC algorithms
  • Isolate systems using ElGamal encryption and monitor for unusual cryptographic operations

🔍 How to Verify

Check if Vulnerable:

Check the installed Libgcrypt version with whichever of these tools is available:

libgcrypt-config --version || dpkg -l libgcrypt20 || rpm -q libgcrypt

Verify Fix Applied:

Verify the version is 1.8.8 or later on the 1.8.x branch, 1.9.3 or later on the 1.9.x branch, or any later release.
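The version check above turned into a script, as an added example that is not part of the advisory or the Libgcrypt project: it reads the installed version from the same sources listed, strips distribution epochs and revisions, and applies the branch-specific fixed versions (1.8.8, or 1.9.3 for 1.9.x). The choice of version sources and the output wording are assumptions.

```sh
#!/bin/sh
# Added example, not from the advisory: branch-aware check for CVE-2021-33560.
# Affected: Libgcrypt < 1.8.8, and 1.9.x < 1.9.3 (1.10+ postdates the fix).

# normalize VER: strip a Debian epoch ("1:") and any revision/suffix ("-6ubuntu2")
normalize() {
  printf '%s\n' "$1" | sed 's/^[0-9]*://; s/[^0-9.].*$//'
}

# vercmp A B: prints lt, eq or gt, comparing dotted numeric versions field by field
vercmp() {
  a=$(normalize "$1"); b=$(normalize "$2")
  while [ -n "$a" ] || [ -n "$b" ]; do
    ah=${a%%.*}; bh=${b%%.*}          # leading field of each
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    ah=${ah:-0}; bh=${bh:-0}          # missing field counts as 0 (1.9 == 1.9.0)
    if [ "$ah" -lt "$bh" ]; then echo lt; return; fi
    if [ "$ah" -gt "$bh" ]; then echo gt; return; fi
  done
  echo eq
}

# gcrypt_vulnerable VER: exit 0 if VER is in the affected range, 1 if fixed, 2 if unparseable
gcrypt_vulnerable() {
  v=$(normalize "$1")
  [ -n "$v" ] || { echo "unparseable version: $1" >&2; return 2; }
  case $v in
    1.9|1.9.*) fixed=1.9.3 ;;   # 1.9 branch: fixed in 1.9.3
    *)         fixed=1.8.8 ;;   # 1.8 branch and earlier: fixed in 1.8.8
  esac
  [ "$(vercmp "$v" "$fixed")" = lt ]
}

# installed_gcrypt_version: the same sources the advisory lists, first one that works
installed_gcrypt_version() {
  libgcrypt-config --version 2>/dev/null && return
  dpkg-query -W -f '${Version}\n' libgcrypt20 2>/dev/null && return
  rpm -q --qf '%{VERSION}\n' libgcrypt 2>/dev/null
}

main() {
  ver=$(installed_gcrypt_version) || { echo "libgcrypt not found"; return 2; }
  if gcrypt_vulnerable "$ver"; then echo "libgcrypt $ver: affected by CVE-2021-33560"; return 1
  else echo "libgcrypt $ver: not affected (upstream version past the fix)"; return 0; fi
}

case ${1:-} in --check) main ;; esac   # run: sh check_gcrypt.sh --check
```

Distribution packages may backport the fix without raising the upstream version number, so a hit here should be confirmed against the distribution's security tracker or package changelog.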

📡 Detection & Monitoring

Log Indicators:

  • Unusual cryptographic operation patterns
  • Multiple failed decryption attempts
  • Abnormal CPU usage during encryption operations

Network Indicators:

  • Unusual timing patterns in encrypted communications
  • Repeated ElGamal encryption requests

SIEM Query:

Process execution containing 'gcrypt' AND (version < 1.8.8 OR (version LIKE '1.9.%' AND version < 1.9.3))
