CVE-2014-3564

NameCVE-2014-3564
DescriptionMultiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-39-1, DSA-3005-1
NVD severitymedium (attack range: remote)
Debian Bugs756651

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
gpgme1.0 (PTS)wheezy, wheezy (security)1.2.0-1.4+deb7u1fixed
jessie1.5.1-6fixed
stretch1.8.0-3fixed
buster1.9.0-4fixed
sid1.9.0-6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gpgme1.0source(unstable)1.5.1-1medium756651
gpgme1.0sourcesqueeze1.2.0-1.2+deb6u1medium
gpgme1.0sourcewheezy1.2.0-1.4+deb7u1mediumDSA-3005-1

Notes

patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77

Search for package or bug name: Reporting problems