CVE-2015-1607

kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

Information

Published : 2019-11-20 11:15

Updated : 2019-11-22 08:19


NVD link : CVE-2015-1607

Mitre link : CVE-2015-1607


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

canonical

  • ubuntu_linux

gnupg

  • gnupg