_gcry_cipher_aeswrap_decrypt function in file cipher/cipher-aeswrap.c does not clean memory properly after decryption. The variable b is used to concatenate intermediate results during AES wrap decryption. At the end of the decryption it contains the constant 0xa6a6a6a6a6a6a6a6 and the first eight bytes of the cache item in clear. At the end of the decryption, the variable is not wiped thus it stay in clear in memory. This can be easy findable in memory since it is next to the constant. This is problematic when a passphrase is used for symmetric encryption since the function is called by the function agent_get_cache in the file agent/cache.c. The first eight bytes may be recovered from a memory dump after a decryption have been done previously with a passphrase in cache.
To reproduce de the behavior it is possible to compile libgcrypt examples in debug mode and run gdb on aeswrap sample binary. By issuing the following commands:
b gcry_cipher_decrypt r b *_gcry_cipher_aeswrap_decrypt+791 c x/4x b