CVE-2012-6085

描述

The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.

受影響套件(3)

• Debian/gnupgfrom 0, < 1.4.10-4+squeeze1
• Debian/gnupg2from 0, < 2.0.19-2
• Debian/gnupg2from 0, < 2.0.14-2+squeeze1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-6085