kbx/keybox-search.c in GnuPG prior to 1.4.19, 2.0.x prior to 2.0.27, and 2.1.x prior to 2.1.2 does not properly handle bitwise left-shifts, which allows remote malicious users to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnupg gnupg |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.10 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 10.04 |