5 matches found
Design/Logic Flaw
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service invalid read and use-after-free via a crafted keyring file...
CVE-2015-1606
Technical details for CVE-2015-1606 are not publicly provided in the connected documents. The batch includes unrelated CVEs and generic notes, but no vendor/product/version/root-cause/impact specific to this CVE. Monitor for official updates and disclosures.
CVE-2015-1606
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service invalid read and use-after-free via a crafted keyring file...
Low: gnupg2
Issue Overview: It was reported https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html that gnupg2 keyring DB code did not reject packets which don't belong into a keyring, which may lead to invalid read of sizeof int. Affected Packages: gnupg2...
CVE-2015-1606
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service invalid read and use-after-free via a crafted keyring file...