CVE-2025-68972

Medium CVSS: 5.9

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

Vendor

Gnupg

Product

Gnupg

CWE

CWE-347

Yayın Tarihi

2025-12-27 23:15:40

Güncelleme

2026-01-09 20:08:47

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-347 Gnupg MEDIUM Gnupg 2025

Referanslar

https://gpg.fail/formfeed https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i https://news.ycombinator.com/item?id=46404339 https://gpg.fail/formfeed

Benzer Kayıtlar

High

CVE-2026-24881

In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause…

High

CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for…

Low

CVE-2026-24883

In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to…

High

CVE-2025-68973

In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leadin…

Low

CVE-2025-30258

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid bac…