CVE-2020-25125

HIGH EPSS 66.5%
Published Sep 3, 20205y ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Sep 3, 2020 5y ago
Last Modified Jun 17, 2026 2w ago

Description

GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) has an array overflow, leading to a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences. The overflow is caused by a g10/key-check.c error. NOTE: GnuPG 2.3.x is unaffected. GnuPG 2.2.23 is a fixed version.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
66.5% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-120

Affected Products 3

VendorProductVersionRange
gnupggnupg2.2.21any
gnupggnupg2.2.22any
gpg4wingpg4win3.1.12any

References 6

  • openwall.com http://www.openwall.com/lists/oss-security/2020/09/03/4
    Mailing ListThird Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2020/09/03/5
    Mailing ListThird Party Advisory
  • bugzilla.opensuse.org https://bugzilla.opensuse.org/show_bug.cgi?id=1176034
    ExploitIssue TrackingThird Party Advisory
  • dev.gnupg.org https://dev.gnupg.org/T5050
    Mailing List
  • dev.gnupg.org https://dev.gnupg.org/rG8ec9573e57866dda5efb4677d4454161517484bc
    PatchVendor Advisory
  • lists.gnupg.org https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html
    Vendor Advisory

Remediation

  • dev.gnupg.org https://dev.gnupg.org/rG8ec9573e57866dda5efb4677d4454161517484bc
    PatchVendor Advisory