CVE-2018-12020 — Use of Incorrectly-Resolved Name or Reference in Gnupg
Severity
7.5HIGHNVD
EPSS
1.7%
top 17.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 8
Latest updateMay 13
Description
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6
Affected Packages7 packages
Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 16.04, 17.10, 18.04, 18.10, 19.04, Enterprise Linux 7.6, 7.5
Patches
🔴Vulnerability Details
6📋Vendor Advisories
7💬Community
3Bugzilla▶
CVE-2018-12020 gnupg: gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification [fedora-all]↗2018-06-11
Bugzilla▶
CVE-2018-12020 gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification↗2018-06-11
Bugzilla▶
CVE-2018-12020 gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification [fedora-all]↗2018-06-11