CVE-2015-1607 — Improper Input Validation in Gnupg

CWE-20 — Improper Input Validation CWE-131 — Incorrect Calculation of Buffer Size CWE-1335 — Incorrect Bitwise Shift of Integer12 documents9 sources

Severity

5.5MEDIUMNVD

OSV4.2

EPSS

0.6%

top 29.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gnupg Canonical Ubuntu Linux

Timeline

PublishedNov 20

Latest updateMay 24

Description

kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDgnupg/gnupg2.0 — 2.0.27+2

▶Ubuntugnupg/gnupg< 1.4.16-1ubuntu2.3

Also affects: Ubuntu Linux 10.04, 12.04, 14.04, 14.10

🔴Vulnerability Details

GHSA

GHSA-4w8p-vqv2-2g8w: kbx/keybox-search↗2022-05-24

▶

CVEList

CVE-2015-1607: kbx/keybox-search↗2019-11-20

▶

OSV

CVE-2015-1607: kbx/keybox-search↗2019-11-20

▶

OSV

gnupg, gnupg2 vulnerabilities↗2015-04-01

▶

📋Vendor Advisories

Ubuntu

GnuPG vulnerabilities↗2015-04-01

▶

Red Hat

gnupg2: memcpy with overlapping ranges (keybox_search.c)↗2015-02-13

▶

Debian

CVE-2015-1607: gnupg2 - kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x befor...↗2015

▶

📐Framework References

CWE

Incorrect Bitwise Shift of Integer↗

▶

💬Community

Bugzilla

CVE-2015-1606 CVE-2015-1607 gnupg2: various flaws [fedora-all]↗2015-02-16

▶

Bugzilla

CVE-2015-1607 gnupg2: memcpy with overlapping ranges (keybox_search.c)↗2015-02-16

▶

Bugzilla

CVE-2015-1606 CVE-2015-1607 gnupg: various flaws [fedora-all]↗2015-02-16

▶