GnuPG Crypto Library Can be Pwned During Decryption
MrPlow wrote in with a submission, via IRC, for chromas:
Source: GnuPG crypto library can be pwned during decryption - patch now!
Bug hunter Tavis Ormandy of Google's Project Zero just discovered a dangerous bug in the GNU Privacy Guard team's libgcrypt encryption software.
[...] In theory, this vulnerability could lead to what's known as RCE, short for Remote [C]ode Execution, because the bug can be triggered simply by sending libgcrypt a block of booby-trapped data to decrypt.
In other words, a program that used libgcrypt to decrypt and check the integrity of data submitted from outside the network - ironically, something you might do to see if you should trust the data in the first place - could be tricked into running an arbitrary fragment of malware code hidden away inside that data.
[...] The vulnerability was introduced in version 1.9.0 of the library, which only came out on 2021-01-19, less than two weeks before Ormandy filed his bug report.
But the good news for those of us who did get 1.9.0 within the last few days is that the GNU Privacy Guard team fixed this bug almost immediately, releasing version 1.9.1.
To check the version on your system, issue:
gpg2 --version | grep libgcrypt
You need to update if you see:
libgcrypt 1.9.0
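The version check above, as an added shell example (not part of the original story): it falls back to gpg when gpg2 is not installed and classifies the reported libgcrypt version, treating only 1.9.0 as affected, as the story states. The function names and the sample text are constructed for illustration, and the result covers only the libgcrypt copy that the gpg binary reports.

```shell
# Added example: classify libgcrypt from `gpg --version`-style text on stdin.
# Prints "vulnerable" (exactly 1.9.0), "ok" (any other version) or "unknown".
libgcrypt_status() {
    # The library line looks like: "libgcrypt 1.9.0"
    ver=$(awk '$1 == "libgcrypt" && $2 ~ /^[0-9]+(\.[0-9]+)+/ { print $2; exit }')
    case "$ver" in
        "")    echo unknown ;;
        1.9.0) echo vulnerable ;;
        *)     echo ok ;;
    esac
}

# Use whichever GnuPG binary is installed and report the library it loads.
check_host() {
    for bin in gpg2 gpg; do
        if command -v "$bin" >/dev/null 2>&1; then
            printf '%s: ' "$bin"
            "$bin" --version | libgcrypt_status
            return 0
        fi
    done
    echo "no gpg binary found: unknown"
    return 1
}

# Constructed sample input (not captured from a real host).
sample='gpg (GnuPG) 2.2.27
libgcrypt 1.9.0'
printf '%s\n' "$sample" | libgcrypt_status   # prints: vulnerable
```

Call check_host on each machine to test the installed binary instead of the sample text.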