mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the –status-fd 2 option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Enterprise_linux_desktop | Redhat | 6.0 (including) | 6.0 (including) |
| Enterprise_linux_desktop | Redhat | 7.0 (including) | 7.0 (including) |
| Enterprise_linux_server | Redhat | 6.0 (including) | 6.0 (including) |
| Enterprise_linux_server | Redhat | 7.0 (including) | 7.0 (including) |
| Enterprise_linux_server_aus | Redhat | 7.6 (including) | 7.6 (including) |
| Enterprise_linux_server_eus | Redhat | 7.5 (including) | 7.5 (including) |
| Enterprise_linux_server_eus | Redhat | 7.6 (including) | 7.6 (including) |
| Enterprise_linux_server_tus | Redhat | 7.6 (including) | 7.6 (including) |
| Enterprise_linux_workstation | Redhat | 6.0 (including) | 6.0 (including) |
| Enterprise_linux_workstation | Redhat | 7.0 (including) | 7.0 (including) |
| Red Hat Enterprise Linux 6 | RedHat | gnupg2-0:2.0.14-9.el6_10 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnupg2-0:2.0.22-5.el7_5 | * |
| Enigmail | Ubuntu | artful | * |
| Enigmail | Ubuntu | bionic | * |
| Enigmail | Ubuntu | cosmic | * |
| Enigmail | Ubuntu | disco | * |
| Enigmail | Ubuntu | eoan | * |
| Enigmail | Ubuntu | esm-apps/bionic | * |
| Enigmail | Ubuntu | esm-apps/focal | * |
| Enigmail | Ubuntu | esm-apps/jammy | * |
| Enigmail | Ubuntu | esm-apps/xenial | * |
| Enigmail | Ubuntu | focal | * |
| Enigmail | Ubuntu | groovy | * |
| Enigmail | Ubuntu | hirsute | * |
| Enigmail | Ubuntu | impish | * |
| Enigmail | Ubuntu | jammy | * |
| Enigmail | Ubuntu | kinetic | * |
| Enigmail | Ubuntu | trusty | * |
| Enigmail | Ubuntu | upstream | * |
| Enigmail | Ubuntu | xenial | * |
| Gnupg | Ubuntu | trusty | * |
| Gnupg | Ubuntu | upstream | * |
| Gnupg | Ubuntu | xenial | * |
| Gnupg1 | Ubuntu | artful | * |
| Gnupg1 | Ubuntu | bionic | * |
| Gnupg1 | Ubuntu | cosmic | * |
| Gnupg1 | Ubuntu | disco | * |
| Gnupg1 | Ubuntu | esm-apps/bionic | * |
| Gnupg1 | Ubuntu | upstream | * |
| Gnupg2 | Ubuntu | artful | * |
| Gnupg2 | Ubuntu | bionic | * |
| Gnupg2 | Ubuntu | cosmic | * |
| Gnupg2 | Ubuntu | devel | * |
| Gnupg2 | Ubuntu | disco | * |
| Gnupg2 | Ubuntu | eoan | * |
| Gnupg2 | Ubuntu | focal | * |
| Gnupg2 | Ubuntu | groovy | * |
| Gnupg2 | Ubuntu | hirsute | * |
| Gnupg2 | Ubuntu | impish | * |
| Gnupg2 | Ubuntu | jammy | * |
| Gnupg2 | Ubuntu | kinetic | * |
| Gnupg2 | Ubuntu | lunar | * |
| Gnupg2 | Ubuntu | mantic | * |
| Gnupg2 | Ubuntu | noble | * |
| Gnupg2 | Ubuntu | oracular | * |
| Gnupg2 | Ubuntu | trusty | * |
| Gnupg2 | Ubuntu | upstream | * |
| Gnupg2 | Ubuntu | xenial | * |
| Python-gnupg | Ubuntu | artful | * |
| Python-gnupg | Ubuntu | bionic | * |
| Python-gnupg | Ubuntu | cosmic | * |
| Python-gnupg | Ubuntu | esm-apps/xenial | * |
| Python-gnupg | Ubuntu | trusty | * |
| Python-gnupg | Ubuntu | trusty/esm | * |
| Python-gnupg | Ubuntu | upstream | * |
| Python-gnupg | Ubuntu | xenial | * |