CVE-2012-6085
GnuPG: read_block() corrupt key input validation
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.
La función "read_block" en g10/import.c en GnuPG v1.4.x anterior a v1.4.13 y v2.0.x a la v2.0.19, cuando se importa una clave, permite a atacantes remotos corromper la base de datos del anillo de claves publicas (caída de la aplicación) o causar una denegación de servicio a través de la modificación de a longitud de campo de un paquete OpenPGP.
The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send specially crafted input data to GnuPG, making GnuPG enter an infinite loop when parsing data. It was found that importing a corrupted public key into a GnuPG keyring database corrupted that keyring. An attacker could use this flaw to trick a local user into importing a specially crafted public key into their keyring database, causing the keyring to be corrupted and preventing its further use.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-12-06 CVE Reserved
- 2013-01-24 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commitdiff%3Bh=f0b33b6fb8e0586e9584a7a409dcc31263776a67 | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2013/01/01/6 | Mailing List |
|
| http://www.securityfocus.com/bid/57102 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/80990 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://bugs.g10code.com/gnupg/issue1455 | 2024-08-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.0 Search vendor "Gnupg" for product "Gnupg" and version "1.4.0" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.2 Search vendor "Gnupg" for product "Gnupg" and version "1.4.2" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.3 Search vendor "Gnupg" for product "Gnupg" and version "1.4.3" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.4 Search vendor "Gnupg" for product "Gnupg" and version "1.4.4" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.5 Search vendor "Gnupg" for product "Gnupg" and version "1.4.5" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.8 Search vendor "Gnupg" for product "Gnupg" and version "1.4.8" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.10 Search vendor "Gnupg" for product "Gnupg" and version "1.4.10" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.11 Search vendor "Gnupg" for product "Gnupg" and version "1.4.11" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 1.4.12 Search vendor "Gnupg" for product "Gnupg" and version "1.4.12" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0 Search vendor "Gnupg" for product "Gnupg" and version "2.0" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.1 Search vendor "Gnupg" for product "Gnupg" and version "2.0.1" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.3 Search vendor "Gnupg" for product "Gnupg" and version "2.0.3" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.4 Search vendor "Gnupg" for product "Gnupg" and version "2.0.4" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.5 Search vendor "Gnupg" for product "Gnupg" and version "2.0.5" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.6 Search vendor "Gnupg" for product "Gnupg" and version "2.0.6" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.7 Search vendor "Gnupg" for product "Gnupg" and version "2.0.7" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.8 Search vendor "Gnupg" for product "Gnupg" and version "2.0.8" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.10 Search vendor "Gnupg" for product "Gnupg" and version "2.0.10" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.11 Search vendor "Gnupg" for product "Gnupg" and version "2.0.11" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.12 Search vendor "Gnupg" for product "Gnupg" and version "2.0.12" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.13 Search vendor "Gnupg" for product "Gnupg" and version "2.0.13" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.14 Search vendor "Gnupg" for product "Gnupg" and version "2.0.14" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.15 Search vendor "Gnupg" for product "Gnupg" and version "2.0.15" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.16 Search vendor "Gnupg" for product "Gnupg" and version "2.0.16" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.17 Search vendor "Gnupg" for product "Gnupg" and version "2.0.17" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.18 Search vendor "Gnupg" for product "Gnupg" and version "2.0.18" | - |
Affected
| ||||||
| Gnupg Search vendor "Gnupg" | Gnupg Search vendor "Gnupg" for product "Gnupg" | 2.0.19 Search vendor "Gnupg" for product "Gnupg" and version "2.0.19" | - |
Affected
| ||||||