mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the –status-fd 2 option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Enterprise_linux_desktop | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_desktop | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_server | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_server | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_server_aus | Redhat | 7.6 (including) | 7.6 (including) |
Enterprise_linux_server_eus | Redhat | 7.5 (including) | 7.5 (including) |
Enterprise_linux_server_eus | Redhat | 7.6 (including) | 7.6 (including) |
Enterprise_linux_server_tus | Redhat | 7.6 (including) | 7.6 (including) |
Enterprise_linux_workstation | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_workstation | Redhat | 7.0 (including) | 7.0 (including) |