Message-ID: <87y0mnj593.fsf@gentoo.org>
Date: Sun, 28 Dec 2025 10:00:08 +0000
From: Sam James <sam@...too.org>
To: oss-security@...ts.openwall.com
Subject: Re: Many vulnerabilities in GnuPG
Demi Marie Obenour <demiobenour@...il.com> writes:
> https://gpg.fail lists many vulnerabilities in GnuPG, one of which
> allows remote code execution.
> All are zero-days to the best of my knowledge.
In 2.5.14:
commit 115d138ba599328005c5321c0ef9f00355838ca9
Author: Werner Koch <wk@...pg.org>
AuthorDate: Thu Oct 23 11:36:04 2025 +0200
Commit: Werner Koch <wk@...pg.org>
CommitDate: Thu Oct 23 11:37:59 2025 +0200
gpg: Fix possible memory corruption in the armor parser.
* g10/armor.c (armor_filter): Fix faulty double increment.
* common/iobuf.c (underflow_target): Assert that the filter
implementations behave well.
--
This fixes a bug in a code path which can only be reached with special
crafted input data and would then error out at an upper layer due to
corrupt input (every second byte in the buffer is uninitialized
garbage). No fuzzing has yet hit this case and we don't have a test
case for this code path. However memory corruption can never be
tolerated as it always has the potential for remote code execution.
Reported-by: 8b79fe4dd0581c1cd000e1fbecba9f39e16a396a
Fixes-commit: c27c7416d5148865a513e007fb6f0a34993a6073
which fixed
Fixes-commit: 7d0efec7cf5ae110c99511abc32587ff0c45b14f
In 2.5.13:
commit 8abc320f2a75d6c7339323a3cff8a8489199f49f
Author: Werner Koch <wk@...pg.org>
AuthorDate: Wed Oct 22 12:39:15 2025 +0200
Commit: Werner Koch <wk@...pg.org>
CommitDate: Wed Oct 22 12:39:15 2025 +0200
gpg: Error out on unverified output for non-detached signatures.
* g10/mainproc.c (do_proc_packets): Never reset the any.data flag.
--
Fixes-commit: 3b1b6f9d98b38480ba2074158fa640b881cdb97e
Updates-commit: 69384568f66a48eff3968bb1714aa13925580e9f
Reported-by: 8b79fe4dd0581c1cd000e1fbecba9f39e16a396a
commit db9705ef594d5a2baf0e95e13cf6170b621dfc51
Author: Werner Koch <wk@...pg.org>
AuthorDate: Wed Oct 22 11:19:55 2025 +0200
Commit: Werner Koch <wk@...pg.org>
CommitDate: Wed Oct 22 11:20:10 2025 +0200
gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures.
But it isn't clear to me what...
* the mapping is between all of the vulnerabilities listed on the website and GnuPG commits (unfortunately
no CVE identifiers yet either);
* GnuPG bug tracker links map to commits or vulnerabilities;
* whether these fixes are complete for a specific vulnerability or not.
The relevant public bugs I'm aware of for GnuPG are:
* https://dev.gnupg.org/T7909
* https://dev.gnupg.org/T7900
* https://dev.gnupg.org/T7902
* https://dev.gnupg.org/T7903
but some linked therein are still marked private.
Finally, to end the dump of what I know so far: Werner Koch has
published a response to the cleartext signature vulnerabilities:
https://gnupg.org/blog/20251226-cleartext-signatures.html.
sam