{"id":"UBUNTU-CVE-2021-3345","details":"_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.","modified":"2025-07-16T07:42:47.043615Z","published":"2021-01-29T15:15:00Z","withdrawn":"2025-07-18T16:46:25Z","upstream":["CVE-2021-3345"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3345"},{"type":"REPORT","url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=512c0c75276949f13b6373b5c04f7065af750b08"},{"type":"REPORT","url":"https://gnupg.org"},{"type":"REPORT","url":"https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html"},{"type":"REPORT","url":"https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2021-3345"}],"affected":[{"package":{"name":"libgcrypt11","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/libgcrypt11@1.5.3-2ubuntu4.6+esm1?arch=source&distro=trusty/esm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.5.3-2ubuntu4.6+esm1"}]}],"versions":["1.5.0-3ubuntu3","1.5.3-2ubuntu1","1.5.3-2ubuntu4","1.5.3-2ubuntu4.1","1.5.3-2ubuntu4.2","1.5.3-2ubuntu4.3","1.5.3-2ubuntu4.4","1.5.3-2ubuntu4.5","1.5.3-2ubuntu4.6"],"ecosystem_specific":{"binaries":[{"binary_version":"1.5.3-2ubuntu4.6+esm1","binary_name":"libgcrypt11"},{"binary_version":"1.5.3-2ubuntu4.6+esm1","binary_name":"libgcrypt11-dbg"},{"binary_version":"1.5.3-2ubuntu4.6+esm1","binary_name":"libgcrypt11-dbgsym"},{"binary_version":"1.5.3-2ubuntu4.6+esm1","binary_name":"libgcrypt11-dev"},{"binary_version":"1.5.3-2ubuntu4.6+esm1","binary_name":"libgcrypt11-dev-dbgsym"},{"binary_version":"1.5.3-2ubuntu4.6+esm1","binary_name":"libgcrypt11-doc"},{"binary_version":"1.5.3-2ubuntu4.6+esm1","binary_name":"libgcrypt11-udeb"},{"binary_version":"1.5.3-2ubuntu4.6+esm1","binary_name":"libgcrypt11-udeb-dbgsym"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3345.json"}},{"package":{"name":"libgcrypt20","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/libgcrypt20@1.6.5-2ubuntu0.6?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.5-2ubuntu0.6"}]}],"versions":["1.6.3-2ubuntu1","1.6.4-3","1.6.4-4","1.6.4-5","1.6.5-2","1.6.5-2ubuntu0.2","1.6.5-2ubuntu0.3","1.6.5-2ubuntu0.4","1.6.5-2ubuntu0.5"],"ecosystem_specific":{"binaries":[{"binary_version":"1.5.4-3+really1.6.5-2ubuntu0.6","binary_name":"libgcrypt11-dev"},{"binary_version":"1.6.5-2ubuntu0.6","binary_name":"libgcrypt20"},{"binary_version":"1.6.5-2ubuntu0.6","binary_name":"libgcrypt20-dbgsym"},{"binary_version":"1.6.5-2ubuntu0.6","binary_name":"libgcrypt20-dev"},{"binary_version":"1.6.5-2ubuntu0.6","binary_name":"libgcrypt20-dev-dbgsym"},{"binary_version":"1.6.5-2ubuntu0.6","binary_name":"libgcrypt20-doc"},{"binary_version":"1.6.5-2ubuntu0.6","binary_name":"libgcrypt20-udeb"},{"binary_version":"1.6.5-2ubuntu0.6","binary_name":"libgcrypt20-udeb-dbgsym"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3345.json"}},{"package":{"name":"libgcrypt20","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/libgcrypt20@1.8.1-4ubuntu1.2?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.1-4ubuntu1.2"}]}],"versions":["1.7.8-2ubuntu1","1.7.9-1","1.8.1-4","1.8.1-4ubuntu1","1.8.1-4ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_version":"1.8.1-4ubuntu1.2","binary_name":"libgcrypt-mingw-w64-dev"},{"binary_version":"1.5.4-3+really1.8.1-4ubuntu1.2","binary_name":"libgcrypt11-dev"},{"binary_version":"1.8.1-4ubuntu1.2","binary_name":"libgcrypt20"},{"binary_version":"1.8.1-4ubuntu1.2","binary_name":"libgcrypt20-dbgsym"},{"binary_version":"1.8.1-4ubuntu1.2","binary_name":"libgcrypt20-dev"},{"binary_version":"1.8.1-4ubuntu1.2","binary_name":"libgcrypt20-dev-dbgsym"},{"binary_version":"1.8.1-4ubuntu1.2","binary_name":"libgcrypt20-doc"},{"binary_version":"1.8.1-4ubuntu1.2","binary_name":"libgcrypt20-udeb"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3345.json"}},{"package":{"name":"libgcrypt20","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/libgcrypt20@1.8.5-5ubuntu1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.5-5ubuntu1"}]}],"versions":["1.8.4-5ubuntu2","1.8.5-3ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"1.8.5-5ubuntu1","binary_name":"libgcrypt-mingw-w64-dev"},{"binary_version":"1.8.5-5ubuntu1","binary_name":"libgcrypt20"},{"binary_version":"1.8.5-5ubuntu1","binary_name":"libgcrypt20-dbgsym"},{"binary_version":"1.8.5-5ubuntu1","binary_name":"libgcrypt20-dev"},{"binary_version":"1.8.5-5ubuntu1","binary_name":"libgcrypt20-dev-dbgsym"},{"binary_version":"1.8.5-5ubuntu1","binary_name":"libgcrypt20-doc"},{"binary_version":"1.8.5-5ubuntu1","binary_name":"libgcrypt20-udeb"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3345.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]}