[v3.1] libksba, gnupg: buffer overflow in ksba_oid_to_str (CVE-2014-9087)
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
The single CVE-2014-9087 number applies to both Libksba and GnuPG.
References:
http://seclists.org/oss-sec/2014/q4/836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9087
MLIST:[gnupg-announce] 20141125 [Announce] [security fix] Libksba
1.3.2 for GnuPG released
URL:
http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html
MISC:
https://blog.fuzzing-project.org/2-Buffer-overflow-and-other-minor-issues-in-GnuPG-and-libksba-TFPA-0012014.html
(from redmine: issue id 3765, created on 2015-01-27, closed on 2017-05-17)
- Relations:
- parent #3761
- Changesets:
- Revision 7b4cf250 by Natanael Copa on 2015-01-27T11:58:41Z:
main/libksba: security upgrade to 1.3.2 (CVE-2014-9087)
fixes #3765