Dkg

**Name of the Vulnerable Software and Affected Versions** GnuPG versions prior to 2.5.5 **Description** The issue arises when a user imports a certificate with crafted subkey data lacking a valid backsig or having incorrect usage flags, leading to a loss of ability to verify signatures made from certain other signing keys. This can be considered a "verification DoS." **Recommendations** For GnuPG versions prior to 2.5.5, update to version 2.5.5 or later to resolve the issue.