CVE-2018-12020
CVE-2018-12020
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://openwall.com/lists/oss-security/2018/06/08/2http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.htmlhttps://access.redhat.com/errata/RHSA-2018:2180https://access.redhat.com/errata/RHSA-2018:2181https://dev.gnupg.org/T4012http://seclists.org/fulldisclosure/2019/Apr/38https://github.com/RUB-NDS/Johnny-You-Are-Firedhttps://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdfhttps://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0https://lists.debian.org/debian-lts-announce/2021/12/msg00027.htmlhttps://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.htmlhttps://usn.ubuntu.com/3675-1/