Back to search
CVE-2012-6085
Published: Jan 24, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=891142
x_refsource_MISC
https://bugs.g10code.com/gnupg/issue1455
x_refsource_CONFIRM
57102
vdb-entry
x_refsource_BID
FEDORA-2013-0377
vendor-advisory
x_refsource_FEDORA
[oss-security] 20130101 Re: GnuPG 1.4.12 and lower - memory access errors and keyring database corruption
mailing-list
x_refsource_MLIST
FEDORA-2013-0148
vendor-advisory
x_refsource_FEDORA
RHSA-2013:1459
vendor-advisory
x_refsource_REDHAT
USN-1682-1
vendor-advisory
x_refsource_UBUNTU
MDVSA-2013:001
vendor-advisory
x_refsource_MANDRIVA
gnupg-public-keys-code-exec(80990)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now