Amazon Linux 2023 : gnupg2, gnupg2-minimal, gnupg2-smime (ALAS2023-2026-1427)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1427 advisory. In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys. CVE-2026-24882 Tenable has extracted the preceding...