oss-sec mailing list archives
Re: Multiple issues in GnuPG found through keyring fuzzing (TFPA 001/2015)
From: cve-assign () mitre org
Date: Fri, 13 Feb 2015 18:27:31 -0500 (EST)
https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
Can you provide more information about a scenario in which a GnuPG NULL pointer dereference has a security impact? A typical use case of GnuPG is a single session with a single command line. The code in question is not part of Libgcrypt, which may be used for long-running processes. Do you mean that:

  1. it is possible to create the problematic keyring using --import commands, e.g., the user has imported normal keys for years and now imports a crafted key

  2. the problematic keyring makes the product largely unusable, e.g., there is a crash with a common command such as --list-keys

  3. it is not possible to fix the problematic keyring with any available commands such as --delete-keys

  4. therefore, the product remains unusable unless the user obtains other code to correct the keyring, and thus there is a denial of service

?

If the situation were something like:

  1. the problematic keyring cannot be created using --import commands; the issue is specific to a new keyring that a user obtains from an untrusted source

  2. there is a crash in some situation

  3. the user can avoid the impact by discontinuing use of this new keyring

then we think that a CVE ID may not be applicable.

Also, access to each of your four crashes.fuzzing-project.org URLs currently fails with a 403. We can probably provide at least two CVE IDs in total after those URLs are available.
-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]