Home

CVE-2018-12020

Description

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the --status-fd 2 option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
2.796

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2018-12020 are affected in GnuPG for windows 2.2.7Windows
GNU privacy guard - a free PGP replacement (USN-3675-1) gpg_2.2.4-1ubuntu1.2_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-1) gpg_2.2.4-1ubuntu1.2_amd64.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-1) gnupg_1.4.16-1ubuntu2.6_amd64.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-1) gnupg_1.4.16-1ubuntu2.6_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-1) gnupg_1.4.20-1ubuntu3.3_amd64.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-1) gnupg_1.4.20-1ubuntu3.3_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-1) gnupg_2.1.15-1ubuntu8.1_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-1) gnupg_2.1.15-1ubuntu8.1_amd64.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-2) gnupg2_2.0.22-3ubuntu1.4_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-2) gnupg2_2.0.22-3ubuntu1.4_amd64.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-2) gnupg2_2.1.11-6ubuntu2.1_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-3675-2) gnupg2_2.1.11-6ubuntu2.1_amd64.debLinux
GNU privacy guard - a free PGP replacement (USN-3733-1) gnupg_1.4.16-1ubuntu2.6_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-3733-1) gnupg_1.4.16-1ubuntu2.6_amd64.debLinux
GNU privacy guard - a free PGP replacement (USN-3733-1) gnupg_1.4.20-1ubuntu3.3_i386.debLinux
GNU privacy guard - a free PGP replacement (USN-3733-1) gnupg_1.4.20-1ubuntu3.3_amd64.debLinux
Python wrapper for the GNU Privacy Guard (USN-3964-1) python-gnupg_0.4.1-1ubuntu1.18.04.1_all.debLinux
Python wrapper for the GNU Privacy Guard (USN-3964-1) python-gnupg_0.4.1-1ubuntu1.18.10.1_all.debLinux
Python wrapper for the GNU Privacy Guard (USN-3964-1) python-gnupg_0.4.3-1ubuntu1.19.04.1_all.debLinux
Python wrapper for the GNU Privacy Guard (USN-3964-1) python3-gnupg_0.4.1-1ubuntu1.18.04.1_all.debLinux
Python wrapper for the GNU Privacy Guard (USN-3964-1) python3-gnupg_0.4.1-1ubuntu1.18.10.1_all.debLinux
Python wrapper for the GNU Privacy Guard (USN-3964-1) python3-gnupg_0.4.3-1ubuntu1.19.04.1_all.debLinux
gnupg2 security update(DSA-4222-1) gnupg2_2.0.26-6+deb8u2_i386.debLinux
gnupg2 security update(DSA-4222-1) gnupg2_2.0.26-6+deb8u2_amd64.debLinux
gnupg2 security update(DSA-4222-1) gnupg2_2.1.18-8~deb9u2_all.debLinux
gnupg1 security update(DSA-4223-1) gnupg1_1.4.21-4+deb9u1_i386.debLinux
gnupg1 security update(DSA-4223-1) gnupg1_1.4.21-4+deb9u1_amd64.debLinux
gnupg security update(DSA-4224-1) gnupg_1.4.18-7+deb8u5_i386.debLinux
gnupg security update(DSA-4224-1) gnupg_1.4.18-7+deb8u5_amd64.debLinux
Gnupg2 security update (CESA-2018:2180) gnupg2-2.0.14-9.el6_10.i686.rpmLinux
Gnupg2 security update (CESA-2018:2180) gnupg2-2.0.14-9.el6_10.x86_64.rpmLinux
Gnupg2 security update (CESA-2018:2180) gnupg2-smime-2.0.14-9.el6_10.i686.rpmLinux
Gnupg2 security update (CESA-2018:2180) gnupg2-smime-2.0.14-9.el6_10.x86_64.rpmLinux
Gnupg2 security update (CESA-2018:2181) gnupg2-2.0.22-5.el7_5.x86_64.rpmLinux
Gnupg2 security update (CESA-2018:2181) gnupg2-smime-2.0.22-5.el7_5.x86_64.rpmLinux
(RHSA-2018:2180) Important: gnupg2 security update gnupg2-2.0.14-9.el6_10.i686.rpmLinux
(RHSA-2018:2180) Important: gnupg2 security update gnupg2-2.0.14-9.el6_10.x86_64.rpmLinux
(RHSA-2018:2180) Important: gnupg2 security update gnupg2-smime-2.0.14-9.el6_10.i686.rpmLinux
(RHSA-2018:2180) Important: gnupg2 security update gnupg2-smime-2.0.14-9.el6_10.x86_64.rpmLinux
(RHSA-2018:2181) Important: gnupg2 security update gnupg2-2.0.22-5.el7_5.x86_64.rpmLinux
(RHSA-2018:2181) Important: gnupg2 security update gnupg2-smime-2.0.22-5.el7_5.x86_64.rpmLinux
SUSE-SU-2018:1696-1(SUSE Linux Enterprise Server 11-SP4 ) gpg2-2.0.9-25.33.42.3.1.x86_64.rpmLinux
SUSE-SU-2018:1696-1(SUSE Linux Enterprise Server 11-SP4 ) gpg2-lang-2.0.9-25.33.42.3.1.x86_64.rpmLinux
SUSE-SU-2018:1698-1(SUSE Linux Enterprise Desktop 12-SP3 ) gpg2-2.0.24-9.3.1.x86_64.rpmLinux
SUSE-SU-2018:1698-1(SUSE Linux Enterprise Desktop 12-SP3 ) gpg2-debuginfo-2.0.24-9.3.1.x86_64.rpmLinux
SUSE-SU-2018:1698-1(SUSE Linux Enterprise Desktop 12-SP3 ) gpg2-debugsource-2.0.24-9.3.1.x86_64.rpmLinux
SUSE-SU-2018:1698-1(SUSE Linux Enterprise Desktop 12-SP3 ) gpg2-lang-2.0.24-9.3.1.noarch.rpmLinux
Gnupg2 update (ELSA-2018-2180) gnupg2-2.0.14-9.el6_10.x86_64.rpmLinux
Gnupg2-smime update (ELSA-2018-2180) gnupg2-smime-2.0.14-9.el6_10.x86_64.rpmLinux
Gnupg2 update (ELSA-2018-2180) gnupg2-2.0.14-9.el6_10.i686.rpmLinux
Gnupg2-smime update (ELSA-2018-2180) gnupg2-smime-2.0.14-9.el6_10.i686.rpmLinux
(RHSA-2018:2181)Important: security update gnupg2-debuginfo-2.0.22-5.el7_5.x86_64.rpmLinux
Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2018-12020)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234