PT-2018-2214 · Gnu+5 · Gnupg+5

Marcus Brinkmann · Published 2018-06-08 · Updated 2024-07-12 · CVE-2018-12020

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Name of the Vulnerable Software and Affected Versions

GnuPG versions prior to 2.2.8

Description

The issue is the mishandling of the original filename during decryption and verification actions in the mainproc.c component. This allows remote attackers to spoof the output that GnuPG sends to other programs when the "--status-fd 2" option is used, potentially affecting the integrity of protected information. For instance, the OpenPGP data can represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.

Recommendations

For versions prior to 2.2.8, update to version 2.2.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of the "--status-fd 2" option until the update is applied.
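The following Python sketch is an added example, not code from GnuPG or from this advisory. It shows why a status parser fed from fd 2 can be misled by a filename containing line feeds, and one way to keep status lines on their own pipe instead. The function names, the sample lines (constructed) and the assumption that `gpg` is on the PATH are illustrative.

```python
import os
import subprocess

STATUS_PREFIX = "[GNUPG:] "

# Constructed sample: fd 2 carrying both log text and status lines. The
# quoted file name contains line feeds, so its tail reads as status lines.
MERGED_FD2 = (
    "gpg: original file name='report.txt\n"
    "[GNUPG:] GOODSIG 0000000000000000 Constructed Signer\n"
    "[GNUPG:] VALIDSIG 0000000000000000000000000000000000000000\n"
    "'\n"
    "[GNUPG:] DECRYPTION_OKAY\n"
)
# Constructed sample: what a dedicated status pipe carries for the same run.
DEDICATED_STATUS = "[GNUPG:] BEGIN_DECRYPTION\n[GNUPG:] DECRYPTION_OKAY\n"

def parse_status(text):
    """Return the set of status keywords found in a status stream."""
    keywords = set()
    for line in text.splitlines():
        if line.startswith(STATUS_PREFIX):
            fields = line[len(STATUS_PREFIX):].split()
            if fields:
                keywords.add(fields[0])
    return keywords

def signature_ok(status_text):
    """Accept a signature only if both status codes are present."""
    seen = parse_status(status_text)
    return "GOODSIG" in seen and "VALIDSIG" in seen

def gpg_status(args, gpg="gpg"):
    """Run gpg with status lines on a private pipe, never on fd 2."""
    read_fd, write_fd = os.pipe()
    try:
        proc = subprocess.Popen(
            [gpg, "--batch", "--status-fd", str(write_fd), *args],
            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL,
            pass_fds=(write_fd,))
    except OSError:
        os.close(read_fd)
        raise
    finally:
        os.close(write_fd)  # the parent keeps only the read end
    with os.fdopen(read_fd, encoding="utf-8", errors="replace") as status:
        text = status.read()
    return proc.wait(), text
```

Separating the channels limits what log text can reach the parser; updating to 2.2.8 or later remains the fix.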

Exploit

Fix

RCE


Weakness Enumeration

Related identifiers

ALT-PU-2018-1881
ALT-PU-2018-1884
ALT-PU-2018-2427
BDU:2019-00237
CESA-2018_2180
CESA-2018_2181
CVE-2018-12020
DLA-2862-1
DSA-4222-1
DSA-4223-1
DSA-4224-1
MGASA-2018-0292
MGASA-2018-0316
MGASA-2018-0321
MGASA-2018-0354
OPENSUSE-SU-2018_1708-1
OPENSUSE-SU-2018_1722-1
OPENSUSE-SU-2018_1724-1
OPENSUSE-SU-2024:10736-1
OPENSUSE-SU-2024:10815-1
OPENSUSE-SU-2024:11261-1
OPENSUSE-SU-2024:14158-1
RHSA-2018:2180
RHSA-2018:2181
RHSA-2018_2180
RHSA-2018_2181
SUSE-SU-2018:1696-1
SUSE-SU-2018:1698-1
SUSE-SU-2018:1698-2
SUSE-SU-2018:1814-1
SUSE-SU-2018:2243-1
SUSE-SU-2018_1696-1
SUSE-SU-2018_1698-1
SUSE-SU-2018_1698-2
SUSE-SU-2018_1814-1
USN-3675-1
USN-3675-2
USN-3675-3
USN-3964-1
USN-4839-1

Affected products

Alt Linux
Centos
Gnupg
Red Hat
Suse
Ubuntu