Showing 1 - 1 of 1

CVE-2015-1607

Status Candidate

Overview

kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."

Related Files

Ubuntu Security Notice USN-2554-1: Posted Apr 1, 2015; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2554-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer discovered that GnuPG was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. Various other issues were also addressed.; tags | advisory, local; systems | linux, ubuntu; advisories | CVE-2014-3591, CVE-2014-5270, CVE-2015-0837, CVE-2015-1606, CVE-2015-1607; SHA-256 | acd1c36d18e0b5be95a85b1785f915c0f1383d9bbab5c56b752b2a664eb94d1f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 304 files
indoushka 142 files
Ubuntu 100 files
Gentoo 32 files
Debian 24 files
LiquidWorm 17 files
Apple 11 files
Google Security Research 8 files
malvuln 8 files
Michael Baer 3 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,144)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,608)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,085)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,928)
UNIX (9,469)
UnixWare (188)
Windows (6,784)
Other

CVE-2015-1607

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems