Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 Oct 2015 20:21:54 +0200
From: Gijs Hollestelle <>
Subject: CVE Request: Openpgp.js Critical vulnerability in S2K


A vulnerability in the S2K function of OpenPGP.js allows to produce a
predictable session key without knowing the passphrase.

An attacker is able to create a private PGP key that will decrypt in
OpenPGP.js regardless of the passphrase given.

Also using this flaw it is possible to forge a symmetrically encrypted PGP
message (Symmetric-Key Encrypted Session Key Packets (Tag 3)) that
will decrypt with any passphrase in OpenPGP.js. This can be an attack
vector if successful decryption of such a message is used as an
authentication mechanism.

The bug is fixed with a strict check on unknown S2K types.


Fixed by:

Fixen in:
OpenPGP.js v1.3.0

Could a CVE please be assigned to this issue?


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ