CVE-2022-3515

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

CVSS v3.0 9.8 CRITICAL

9.8^/10

CVSS v3.0 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b	Exploit Patch Third Party Advisory
https://access.redhat.com/security/cve/CVE-2022-3515	Patch Third Party Advisory
https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2135610	Exploit Issue Tracking Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:libksba_project:libksba:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:gpg4win:gpg4win:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:gnupg:vs-desktop:*:*:*:*:*:*:*:*

Configuration 4 (hide)

OR	cpe:2.3:a:gnupg:gnupg:::::lts:::*
	cpe:2.3:a:gnupg:gnupg:::::-:::*

Information

Published : 2023-01-12 07:15

Updated : 2023-01-20 12:08

NVD link : CVE-2022-3515

Mitre link : CVE-2022-3515

JSON object : View

CWE

CWE-190

Integer Overflow or Wraparound

Advertisement

Products Affected

gnupg

vs-desktop
gnupg

libksba_project

libksba

gpg4win

gpg4win

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b", "name": "https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b", "tags": ["Exploit", "Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://access.redhat.com/security/cve/CVE-2022-3515", "name": "https://access.redhat.com/security/cve/CVE-2022-3515", "tags": ["Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html", "name": "https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135610", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2135610", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-190"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3515", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}}, "publishedDate": "2023-01-12T15:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:libksba_project:libksba:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.6.3"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gpg4win:gpg4win:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.1.0", "versionStartIncluding": "2.0.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gnupg:vs-desktop:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.1.26", "versionStartIncluding": "3.1.16"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.2.41", "versionStartIncluding": "2.1.0"}, {"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.4.0", "versionStartIncluding": "2.3.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-01-20T20:08Z"}