|Description||parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)|
|Debian Bugs||375052, 375053, 375473|
Vulnerable and fixed packages
The table below lists information on source packages.
|gnupg2 (PTS)||buster, buster (security)||2.2.12-1+deb10u2||fixed|
|gnupg2 (PTS)||bullseye, bullseye (security)||2.2.27-2+deb11u2||fixed|
The information below is based on the following data on fixed versions.