CVE-2013-4351

GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
Affected Products (NVD)
VendorProductVersion
gnupggnupg
1.4.0
gnupggnupg
1.4.2
gnupggnupg
1.4.3
gnupggnupg
1.4.4
gnupggnupg
1.4.5
gnupggnupg
1.4.6
gnupggnupg
1.4.8
gnupggnupg
1.4.10
gnupggnupg
1.4.11
gnupggnupg
1.4.12
gnupggnupg
1.4.13
gnupggnupg
2.0
gnupggnupg
2.0.1
gnupggnupg
2.0.3
gnupggnupg
2.0.4
gnupggnupg
2.0.5
gnupggnupg
2.0.6
gnupggnupg
2.0.7
gnupggnupg
2.0.8
gnupggnupg
2.0.10
gnupggnupg
2.0.11
gnupggnupg
2.0.12
gnupggnupg
2.0.13
gnupggnupg
2.0.14
gnupggnupg
2.0.15
gnupggnupg
2.0.16
gnupggnupg
2.0.17
gnupggnupg
2.0.18
gnupggnupg
2.0.19
gnupggnupg
2.1.0:beta1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnupg2
bookworm
2.2.40-1.1
fixed
bullseye
2.2.27-2+deb11u2
fixed
bullseye (security)
2.2.27-2+deb11u2
fixed
sid
2.2.45-2
fixed
trixie
2.2.44-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnupg
lucid
Fixed 1.4.10-2ubuntu1.4
released
precise
Fixed 1.4.11-3ubuntu2.4
released
quantal
Fixed 1.4.11-3ubuntu4.3
released
raring
Fixed 1.4.12-7ubuntu1.2
released
gnupg2
lucid
ignored
precise
Fixed 2.0.17-2ubuntu2.12.04.3
released
quantal
Fixed 2.0.17-2ubuntu3.2
released
raring
Fixed 2.0.19-2ubuntu1.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
gpg2
suse enterprise desktop 15
2.2.5-2.9
fixed
suse enterprise desktop 15 SP1
2.2.5-4.6.2
fixed
suse enterprise sap 12 SP5
2.0.24-9.8.1
fixed
suse enterprise sap 15
2.2.5-2.9
fixed
suse enterprise sap 15 SP1
2.2.5-4.6.2
fixed
suse enterprise server 12
2.0.24-1.5
fixed
suse enterprise server 12 SP1
2.0.24-1.5
fixed
suse enterprise server 12 SP2
2.0.24-3.2
fixed
suse enterprise server 12 SP5
2.0.24-9.8.1
fixed
suse enterprise server 15
2.2.5-2.9
fixed
suse enterprise server 15 SP1
2.2.5-4.6.2
fixed
gpg2-lang
suse enterprise desktop 15
2.2.5-2.9
fixed
suse enterprise desktop 15 SP1
2.2.5-4.6.2
fixed
suse enterprise sap 12 SP5
2.0.24-9.8.1
fixed
suse enterprise sap 15
2.2.5-2.9
fixed
suse enterprise sap 15 SP1
2.2.5-4.6.2
fixed
suse enterprise server 12
2.0.24-1.5
fixed
suse enterprise server 12 SP1
2.0.24-1.5
fixed
suse enterprise server 12 SP2
2.0.24-3.2
fixed
suse enterprise server 12 SP5
2.0.24-9.8.1
fixed
suse enterprise server 15
2.2.5-2.9
fixed
suse enterprise server 15 SP1
2.2.5-4.6.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
gnupg2
RHEL 6
0:2.0.14-6.el6_4
fixed
gnupg2-smime
RHEL 6
0:2.0.14-6.el6_4
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html
http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html
http://rhn.redhat.com/errata/RHSA-2013-1459.html
http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138
http://ubuntu.com/usn/usn-1987-1
http://www.debian.org/security/2013/dsa-2773
http://www.debian.org/security/2013/dsa-2774
http://www.openwall.com/lists/oss-security/2013/09/13/4
https://bugzilla.redhat.com/show_bug.cgi?id=1010137
http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html
http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html
http://rhn.redhat.com/errata/RHSA-2013-1459.html
http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138
http://ubuntu.com/usn/usn-1987-1
http://www.debian.org/security/2013/dsa-2773
http://www.debian.org/security/2013/dsa-2774
http://www.openwall.com/lists/oss-security/2013/09/13/4
https://bugzilla.redhat.com/show_bug.cgi?id=1010137