CVE-2020-25125: user/gnupg: key import with AEAD preference causes array overflow
| Bugzilla ID | 354 |
| Alias(es) | CVE-2020-25125 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-09-04 16:49:59 -0500 |
| Modified | 2020-09-22 22:42:59 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/gnupg |
| URL | https://www.openwall.com/lists/oss-security/2020/09/03/4 |
Description
https://www.openwall.com/lists/oss-security/2020/09/03/4
Fixed in >= 2.2.23 https://lwn.net/Articles/830538/