CVSS: 1.9EPSS: 0%CPEs: 96EXPL: 0CVE-2013-4242 – GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack
https://notcve.org/view.php?id=CVE-2013-4242
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. GnuPG anterior a 1.4.14, y Libgcrypt anterior a 1.5.3 usado en GnuPG 2.0.x y posiblemente otros productos, permite a usuarios locales obtener las claves RSA privadas a través de un ataque "side-channel" que involucra la caché L3. Aka Flush+Reload. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717880 http://eprint.iacr.org/2013/448 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00003.html http://rhn.redhat.com/errata/RHSA-2013-1457.html http://secunia.com/advisories/54318 http://secunia.com/advisories/54321 http://secunia.com/advisories/54332 http://secunia.com/advisories/54375 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 4%CPEs: 27EXPL: 1CVE-2012-6085 – GnuPG: read_block() corrupt key input validation
https://notcve.org/view.php?id=CVE-2012-6085
The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet. La función "read_block" en g10/import.c en GnuPG v1.4.x anterior a v1.4.13 y v2.0.x a la v2.0.19, cuando se importa una clave, permite a atacantes remotos corromper la base de datos del anillo de claves publicas (caída de la aplicación) o causar una denegación de servicio a través de la modificación de a longitud de campo de un paquete OpenPGP. • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commitdiff%3Bh=f0b33b6fb8e0586e9584a7a409dcc31263776a67 http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095513.html http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095516.html http://rhn.redhat.com/errata/RHSA-2013-1459.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:001 http://www.openwall.com/lists/oss-security/2013/01/01/6 http://www.securityfocus.com/bid/57102 http://www.u • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 12%CPEs: 3EXPL: 0CVE-2010-2547 – 2: use-after-free when importing certificate with many alternate names
https://notcve.org/view.php?id=CVE-2010-2547
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature. Vulnerabilidad de uso después de la liberación (use-after-free) en kbx/keybox-blob.c en GPGSM de GnuPG v2.x hasta v2.0.16 permite a atacantes remotos causar una denegación de servicio (caída del sistema) y posiblemente ejecutar código de su elección mediante un certificado con un gran número de Subject Alternate Names, que no es manejado de forma adecuada en una operación realloc cuando se importa el certificado o se verifica su firma. • http://lists.fedoraproject.org/pipermail/package-announce/2010-August/044935.html http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html http://secunia.com/advisories/38877 http://secunia.com/advisories/40718 http://secunia.com/advisories/40841 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.462008 http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0076 http://www.debi • CWE-416: Use After Free •
CVSS: 9.3EPSS: 4%CPEs: 2EXPL: 0CVE-2008-1530
https://notcve.org/view.php?id=CVE-2008-1530
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs." GnuPG (gpg) 1.4.8 y 2.0.8 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de claves duplicadas manipuladas que son importadas de un servidor de claves, lo cual dispara "corrupción de memoria en torno a la duplicación de identificadores de usuario". • http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000272.html http://secunia.com/advisories/29568 http://www.ocert.org/advisories/ocert-2008-1.html http://www.securityfocus.com/bid/28487 http://www.vupen.com/english/advisories/2008/1056/references https://bugs.g10code.com/gnupg/issue894 https://bugs.gentoo.org/show_bug.cgi?id=214990 https://exchange.xforce.ibmcloud.com/vulnerabilities/41547 • CWE-399: Resource Management Errors •