Bugzilla – Bug 918089
VUL-1: CVE-2015-1606: gpg2: Invalid memory read using a garbled keyring
Last modified: 2016-01-11 13:40:09 UTC
Keyring DB code does not reject packets which doesn't belong into a keyring, which may lead to invalid read of sizeof (int). Fix: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f0f71a721ccd7ab9e40b8b6b028b59632c0cc648 References: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html https://bugzilla.redhat.com/show_bug.cgi?id=1193008 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1606
bugbot adjusting priority
This is an autogenerated message for OBS integration: This bug (918089) was mentioned in https://build.opensuse.org/request/show/345381 13.2+13.1 / gpg2
openSUSE-SU-2015:2153-1: An update that fixes two vulnerabilities is now available. Category: security (low) Bug References: 918089,918090 CVE References: CVE-2015-1606,CVE-2015-1607 Sources used: openSUSE 13.2 (src): gpg2-2.0.26-2.3.1 openSUSE 13.1 (src): gpg2-2.0.22-12.1
Created attachment 658029 [details] TFPA-2015-01-gnupg-keyring-use-after-free REPRODUCER: gpg --no-default-keyring --keyring ./TFPA-2015-01-gnupg-keyring-use-after-free --list-keys
An update workflow for this issue was started. This issue was rated as "low". Please submit fixed packages until "Dec. 30, 2015". When done, reassign the bug to "security-team@suse.de". /update/62365/.
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2015-12-16. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62365
SUSE-SU-2015:2170-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 918089,918090 CVE References: CVE-2015-1606,CVE-2015-1607 Sources used: SUSE Linux Enterprise Server for VMWare 11-SP3 (src): gpg2-2.0.9-25.33.41.2 SUSE Linux Enterprise Server 11-SP4 (src): gpg2-2.0.9-25.33.41.2 SUSE Linux Enterprise Server 11-SP3 (src): gpg2-2.0.9-25.33.41.2 SUSE Linux Enterprise Desktop 11-SP4 (src): gpg2-2.0.9-25.33.41.2 SUSE Linux Enterprise Desktop 11-SP3 (src): gpg2-2.0.9-25.33.41.2 SUSE Linux Enterprise Debuginfo 11-SP4 (src): gpg2-2.0.9-25.33.41.2 SUSE Linux Enterprise Debuginfo 11-SP3 (src): gpg2-2.0.9-25.33.41.2
SUSE-SU-2015:2171-1: An update that solves two vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 918089,918090,952347,955753 CVE References: CVE-2015-1606,CVE-2015-1607 Sources used: SUSE Linux Enterprise Server 12 (src): gpg2-2.0.24-3.1 SUSE Linux Enterprise Desktop 12 (src): gpg2-2.0.24-3.1
done
openSUSE-SU-2015:2241-1: An update that solves two vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 918089,918090,952347,955753 CVE References: CVE-2015-1606,CVE-2015-1607 Sources used: openSUSE Leap 42.1 (src): gpg2-2.0.24-5.1
SUSE-SU-2015:2171-2: An update that solves two vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 918089,918090,952347,955753 CVE References: CVE-2015-1606,CVE-2015-1607 Sources used: SUSE Linux Enterprise Server 12-SP1 (src): gpg2-2.0.24-3.2 SUSE Linux Enterprise Desktop 12-SP1 (src): gpg2-2.0.24-3.2