Vulnerability identifier: #VU79272
Vulnerability risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-787
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
GnuPG
Client/Desktop applications /
Encryption software
Vendor: GNU
Description
The vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB. A remote attacker can send a specially crafted file, trigger an out-of-bounds write and execute arbitrary code on the target system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
GnuPG: All versions
External links
http://bugzilla.redhat.com/show_bug.cgi?id=2127010
http://dev.gnupg.org/T5993
http://marc.info/?l=oss-security&m=165696590211434&w=4
http://dev.gnupg.org/D556
http://access.redhat.com/security/cve/CVE-2022-3219
http://security.netapp.com/advisory/ntap-20230324-0001/
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.