Rapid7 Vulnerability & Exploit Database

RHSA-2013:1458: gnupg security update

Severity: 6
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 10/09/2013
Created: 07/25/2018
Added: 10/28/2013
Modified: 07/04/2017

Description

The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard.

It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload cache side-channel attack on the RSA secret exponent. An attacker able to execute a process on the logical CPU that shared the L3 cache with the GnuPG process (such as a different local user or a user of a KVM guest running on the same host with the kernel same-page merging functionality enabled) could possibly use this flaw to obtain portions of the RSA secret key. (CVE-2013-4242)

A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send specially crafted input data to GnuPG, making GnuPG enter an infinite loop when parsing data. (CVE-2013-4402)

It was found that importing a corrupted public key into a GnuPG keyring database corrupted that keyring. An attacker could use this flaw to trick a local user into importing a specially crafted public key into their keyring database, causing the keyring to be corrupted and preventing its further use. (CVE-2012-6085)

It was found that GnuPG did not properly interpret the key flags in a PGP key packet. GPG could accept a key for uses not indicated by its holder. (CVE-2013-4351)

Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402 issue. Upstream acknowledges Taylor R Campbell as the original reporter.

All gnupg users are advised to upgrade to this updated package, which contains backported patches to correct these issues.

Solution(s)

  • redhat-upgrade-gnupg
  • redhat-upgrade-gnupg-debuginfo
