The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of GnuPG

vulnerability note CVE-2018-12020

GnuPG: creation of fake status messages

Synthesis of the vulnerability

An attacker can create fake status messages in GnuPG, in order to deceive the victime.
Impacted products: Debian, Fedora, GnuPG, Junos Space, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: document.
Creation date: 08/06/2018.
Revision date: 02/05/2019.
Identifiers: bulletinjul2018, CVE-2018-12020, DSA-4222-1, DSA-4223-1, FEDORA-2018-4ef71d3525, FEDORA-2018-69780fc4d7, FEDORA-2018-a4e13742b4, JSA10917, openSUSE-SU-2018:1706-1, openSUSE-SU-2018:1708-1, openSUSE-SU-2018:1722-1, openSUSE-SU-2018:1724-1, RHSA-2018:2180-01, RHSA-2018:2181-01, SSA:2018-159-01, SSA:2018-170-01, SUSE-SU-2018:1696-1, SUSE-SU-2018:1698-1, SUSE-SU-2018:2243-1, T4012, USN-3675-1, USN-3675-2, USN-3675-3, USN-3964-1, VIGILANCE-VUL-26364.

Description of the vulnerability

An attacker can create fake status messages in GnuPG, in order to deceive the victime.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-1000858

GnuPG Dirmngr: Cross Site Request Forgery

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery of GnuPG Dirmngr, in order to force the victim to perform operations.
Impacted products: GnuPG, openSUSE Leap, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights.
Provenance: internet client.
Creation date: 17/12/2018.
Identifiers: CVE-2018-1000858, openSUSE-SU-2019:0020-1, SUSE-SU-2019:0023-1, USN-3853-1, VIGILANCE-VUL-28032.

Description of the vulnerability

An attacker can trigger a Cross Site Request Forgery of GnuPG Dirmngr, in order to force the victim to perform operations.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-9234

GnuPG: privilege escalation via Key Certification

Synthesis of the vulnerability

An attacker can bypass restrictions via Key Certification of GnuPG, in order to escalate his privileges.
Impacted products: Fedora, GnuPG, Solaris, Ubuntu.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: user shell.
Creation date: 04/04/2018.
Identifiers: bulletinapr2019, CVE-2018-9234, FEDORA-2018-3fc05e009d, USN-3675-1, USN-3675-2, USN-3675-3, VIGILANCE-VUL-25772.

Description of the vulnerability

An attacker can bypass restrictions via Key Certification of GnuPG, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-0379

Libgcrypt: information disclosure via Curve25519 ECDH Side-channel

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Curve25519 ECDH Side-channel of Libgcrypt, in order to obtain sensitive information.
Impacted products: Debian, Fedora, GnuPG, MariaDB ~ precise, MySQL Community, MySQL Enterprise, Oracle Communications, Percona Server, Slackware, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet server.
Creation date: 30/08/2017.
Identifiers: cpujan2019, cpujul2018, CVE-2017-0379, DSA-3959-1, FEDORA-2017-8cd171f540, FEDORA-2017-bcdeca9d41, SSA:2017-261-02, USN-3417-1, VIGILANCE-VUL-23639.

Description of the vulnerability

An attacker can bypass access restrictions to data via Curve25519 ECDH Side-channel of Libgcrypt, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-7526

Libgcrypt: information disclosure via Flush Reload Side-channel Attack

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Flush Reload Side-channel Attack of Libgcrypt, in order to obtain sensitive information.
Impacted products: Debian, Fedora, GnuPG, openSUSE Leap, Solaris, Slackware, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 29/06/2017.
Identifiers: bulletinoct2017, CVE-2017-7526, DLA-1015-1, DLA-1080-1, DSA-3901-1, DSA-3960-1, FEDORA-2017-3b70d0b976, FEDORA-2017-a348b32eb5, openSUSE-SU-2017:1822-1, SSA:2017-180-04, SSA:2017-213-01, USN-3347-1, USN-3347-2, USN-3733-1, USN-3733-2, VIGILANCE-VUL-23104.

Description of the vulnerability

An attacker can bypass access restrictions to data via Flush Reload Side-channel Attack of Libgcrypt, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-6313

GnuPG: predicting 160 bits

Synthesis of the vulnerability

An attacker can use a vulnerability in the pseudo-random generator of GnuPG, in order to predict bits.
Impacted products: Debian, Fedora, GnuPG, Security Directory Server, openSUSE, openSUSE Leap, Solaris, RHEL, Slackware, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 18/08/2016.
Identifiers: 2000347, bulletinoct2017, CVE-2016-6313, CVE-2016-6316-ERROR, DLA-600-1, DLA-602-1, DSA-3649-1, DSA-3650-1, FEDORA-2016-2b4ecfa79f, FEDORA-2016-3a0195918f, FEDORA-2016-81aab0aff9, FEDORA-2016-9864953aa3, openSUSE-SU-2016:2208-1, openSUSE-SU-2016:2423-1, RHSA-2016:2674-01, SSA:2016-236-01, SSA:2016-236-02, USN-3064-1, USN-3065-1, VIGILANCE-VUL-20413.

Description of the vulnerability

The GnuPG/Libgcrypt product uses a pseudo-random generator to generate series of bits, used by keys.

However, an attacker who can read 4640 successive bits can predict the 160 next bits.

Existing RSA keys are not weakened. Existing DSA / ElGamal keys should not be weakened. The editor thus recommends to not revoke existing keys.

An attacker can therefore use a vulnerability in the pseudo-random generator of GnuPG, in order to predict bits.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 19402

GnuPG: code execution during installation

Synthesis of the vulnerability

An attacker can invite the victim to download malicious libraries on Windows, in order to run code during the installation of GnuPG.
Impacted products: GnuPG.
Severity: 2/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 19/04/2016.
Identifiers: VIGILANCE-VUL-19402.

Description of the vulnerability

When a user installs a new application on Windows, he downloads the installation program (install.exe for example), and then runs it.

However, the GnuPG installation program loads several DLLs (uxtheme.dll, winmm.dll, samcli.dll, msacm32.dll, version.dll, sfc.dll, sfc_os.dll, userenv.dll, profapi.dll, dwmapi.dll, mpr.dll) from the current directory. So, if an attacker invited the victim to download a malicious DLL file, before he runs install.exe from the Download directory, the code located in the DLL is run.

An attacker can therefore invite the victim to download malicious libraries on Windows, in order to run code during the installation of GnuPG.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2015-7511

Libgcrypt: information disclosure via ECDH

Synthesis of the vulnerability

An attacker, who is located near the computer, can capture electromagnetic data during an ECDH encryption on Libgcrypt, in order to obtain information about the private key.
Impacted products: Debian, Fedora, GnuPG, openSUSE, openSUSE Leap, Solaris, Slackware, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 1/4.
Consequences: data reading.
Provenance: radio connection.
Creation date: 15/02/2016.
Identifiers: bulletinoct2017, CVE-2015-7511, DSA-3474-1, DSA-3478-1, FEDORA-2016-ec4c27d766, openSUSE-SU-2016:0575-1, openSUSE-SU-2016:1227-1, SSA:2016-054-03, USN-2896-1, VIGILANCE-VUL-18938.

Description of the vulnerability

The Libgcrypt library implements an encryption algorithm based on ECDH (Elliptic Curve Diffie Hellman).

However, during the encryption of a known chosen ciphertext, an attacker can capture electromagnetic emanations from the computer, to obtain information about interruptions, and compute the ECDH key.

An attacker, who is located near the computer, can therefore capture electromagnetic data during an ECDH encryption on Libgcrypt, in order to obtain information about the private key.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 16842

GnuPG: information disclosure via OpenPGP Format

Synthesis of the vulnerability

An attacker, who can read an error message which occurs during the automatic decryption by GnuPG, can send numerous encrypted messages in order to progressively guess the content of the clear message.
Impacted products: GnuPG.
Severity: 1/4.
Consequences: data reading.
Provenance: document.
Creation date: 07/05/2015.
Identifiers: VIGILANCE-VUL-16842.

Description of the vulnerability

The GnuPG product can be installed in order to automatically decrypt messages.

When there is an error with the automatic decryption, GnuPG shows a message. However, the error message depends where the error is located.

An attacker, who can read an error message which occurs during the automatic decryption by GnuPG, can therefore send numerous encrypted messages in order to progressively guess the content of the clear message.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin 16583

GnuPG: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of GnuPG.
Impacted products: GnuPG.
Severity: 2/4.
Consequences: denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 14/04/2015.
Identifiers: VIGILANCE-VUL-16583.

Description of the vulnerability

Several vulnerabilities were announced in GnuPG.

An attacker can read a memory fragment of a gpgparsemail process, in order to obtain sensitive information. [severity:1/4]

An attacker can submit a PGP packet with a negative size, in order to trigger a denial of service. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about GnuPG: