CVE-2015-1607
https://notcve.org/view.php?id=CVE-2015-1607
kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges." El archivo kbx/keybox-search.c en GnuPG versiones anteriores a 1.4.19, versiones 2.0.x anteriores a 2.0.27 y versiones 2.1.x anteriores a 2.1.2, no maneja apropiadamente los cambios a la izquierda bit a bit, lo que permite a atacantes remotos causar una denegación de servicio (operación de lectura no válida) por medio de un archivo de llavero diseñado, relacionado con extensiones de signo y "memcpy with overlapping ranges." • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commit%3Bh=2183683bd633818dd031b090b5530951de76f392 http://www.openwall.com/lists/oss-security/2015/02/13/14 http://www.openwall.com/lists/oss-security/2015/02/14/6 http://www.securityfocus.com/bid/72610 http://www.ubuntu.com/usn/usn-2554-1 https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000361.html https:// • CWE-20: Improper Input Validation •
CVE-2015-1606
https://notcve.org/view.php?id=CVE-2015-1606
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. La base de datos de llavero en GnuPG versiones anteriores a la versión 2.1.2, no maneja apropiadamente los paquetes no válidos, lo que permite a atacantes remotos causar una denegación de servicio (lectura no válida y uso de la memoria previamente liberada) por medio de un archivo de llavero especialmente diseñado. • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commit%3Bh=f0f71a721ccd7ab9e40b8b6b028b59632c0cc648 http://www.debian.org/security/2015/dsa-3184 http://www.openwall.com/lists/oss-security/2015/02/13/14 http://www.openwall.com/lists/oss-security/2015/02/14/6 http://www.securitytracker.com/id/1031876 https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html • CWE-416: Use After Free •
CVE-2014-9087
https://notcve.org/view.php?id=CVE-2014-9087
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow. Desbordamiento de enteros en la función ksba_oid_to_str en Libksba anterior a 1.3.2, utilizado en GnuPG, permite a atacantes remotos causar una denegación de servicio (caída) a través de un OID manipulado en (1) un mensaje S/MIME o (2) datos OpenPGP basados en ECC, lo que provoca un desbordamiento de buffer. • http://advisories.mageia.org/MGASA-2014-0498.html http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html http://secunia.com/advisories/60073 http://secunia.com/advisories/60189 http://secunia.com/advisories/60233 http://www.debian.org/security/2014/dsa-3078 http://www.mandriva.com/security/advisories?name=MDVSA-2014:234 http://www.mandriva.com/security/advisories?name=MDVSA-2015:151 http://www.securityfocus.com/bid/71285 http://www.ubuntu.com/usn/USN-2427-1 http • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2013-4351 – gnupg: treats no-usage-permitted keys as all-usages-permitted
https://notcve.org/view.php?id=CVE-2013-4351
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. GnuPG 1.4.x, y 2.1.x trata un subpaquete de flags clave con todos los bits a 0 (sin uso permitido) como si tuviera todos los bits establecidos (todo uso permitido) lo que permitiría a atacantes remotos evadir mecanismos de protección criptográfica intencionada mediante el aprovechamiento de la subclave. • http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html http://rhn.redhat.com/errata/RHSA-2013-1459.html http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138 http://ubuntu.com/usn/usn-1987-1 http://www.debian.org/security/2013/dsa-2773 http://www.debian.org/security/2013/dsa-2774 http://www.openwall.com/lists/oss-security/2013/09/13/4 https://bugzilla.redhat.com/show_ • CWE-310: Cryptographic Issues •