Vulnerability Details : CVE-2015-1607
kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."
Vulnerability category: Input validation, Denial of service
Products affected by CVE-2015-1607
- cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-1607
- EPSS score: 0.63% (probability of exploitation activity in the next 30 days)
- Percentile: ~68% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2015-1607
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P | 8.6 | 2.9 | NIST | |
5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.8 | 3.6 | NIST | |
CWE ids for CVE-2015-1607
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-1607
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2183683bd633818dd031b090b5530951de76f392
  git.gnupg.org Git - gnupg.git/commit (Mailing List; Patch; Vendor Advisory)
- https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
  Multiple issues in GnuPG found through keyring fuzzing (TFPA 001/2015) | The Fuzzing Project (Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2015/02/14/6
  oss-security - Re: Multiple issues in GnuPG found through keyring fuzzing (TFPA 001/2015) (Mailing List; Third Party Advisory)
- https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html
  [Announce] GnuPG 1.4.19 released (with SCA fix) (Mailing List; Release Notes; Vendor Advisory)
- http://www.securityfocus.com/bid/72610
  Gnupg2 CVE-2015-1607 Information Disclosure Vulnerability (Third Party Advisory; VDB Entry)
- http://www.ubuntu.com/usn/usn-2554-1/
  USN-2554-1: GnuPG vulnerabilities | Ubuntu security notices (Third Party Advisory)
- https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000362.html
  [Announce] GnuPG 2.0.27 "stable" released (Mailing List; Release Notes; Vendor Advisory)
- https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000361.html
  [Announce] GnuPG 2.1.2 released (Mailing List; Release Notes; Vendor Advisory)
- http://www.openwall.com/lists/oss-security/2015/02/13/14
  oss-security - Multiple issues in GnuPG found through keyring fuzzing (TFPA 001/2015) (Mailing List; Third Party Advisory)