Your submission was sent successfully! Close

CVE-2018-12020

Published: 8 June 2018

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.

From the Ubuntu security team

Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
enigmail
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Needed

cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needed

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needed

jammy Needed

precise Does not exist

trusty Does not exist
(trusty was needed)
upstream
Released (2.0.7)
xenial Ignored
(end of standard support, was needed)
gnupg
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

precise
Released (1.4.11-3ubuntu2.11)
trusty
Released (1.4.16-1ubuntu2.5)
upstream
Released (1.4.18-7+deb8u5)
xenial
Released (1.4.20-1ubuntu3.2)
gnupg1
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Needed

cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Not vulnerable
(1.4.22-5)
focal Not vulnerable
(1.4.22-5)
groovy Not vulnerable
(1.4.22-5)
hirsute Not vulnerable
(1.4.22-5)
impish Not vulnerable
(1.4.22-5)
jammy Not vulnerable
(1.4.22-5)
precise Does not exist

trusty Does not exist

upstream
Released (1.4.22-5)
xenial Does not exist

gnupg2
Launchpad, Ubuntu, Debian
artful
Released (2.1.15-1ubuntu8.1)
bionic
Released (2.2.4-1ubuntu1.1)
cosmic
Released (2.2.8-1ubuntu1)
disco
Released (2.2.8-1ubuntu1)
eoan
Released (2.2.8-1ubuntu1)
focal
Released (2.2.8-1ubuntu1)
groovy
Released (2.2.8-1ubuntu1)
hirsute
Released (2.2.8-1ubuntu1)
impish
Released (2.2.8-1ubuntu1)
jammy
Released (2.2.8-1ubuntu1)
precise Does not exist

trusty Does not exist
(trusty was released [2.0.22-3ubuntu1.4])
upstream
Released (2.2.8-1)
xenial
Released (2.1.11-6ubuntu2.1)
python-gnupg
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic
Released (0.4.1-1ubuntu1.18.04.1)
cosmic
Released (0.4.1-1ubuntu1.18.10.1)
disco Not vulnerable
(0.4.3-1ubuntu1)
eoan Not vulnerable
(0.4.3-1ubuntu1)
focal Not vulnerable
(0.4.3-1ubuntu1)
groovy Not vulnerable
(0.4.3-1ubuntu1)
hirsute Not vulnerable
(0.4.3-1ubuntu1)
impish Not vulnerable
(0.4.3-1ubuntu1)
jammy Not vulnerable
(0.4.3-1ubuntu1)
precise Does not exist

trusty Needed

upstream
Released (0.4.3-1)
xenial Ignored
(end of standard support, was needed)