Home GnuPG
Diffusion GnuPG 2438271ab601

agent: Fix stack buffer overflow when using gpgsm and KEM
2438271ab601
Actions

Description

agent: Fix stack buffer overflow when using gpgsm and KEM

* agent/pkdecrypt.c (ecc_kem_decrypt): Check sessionkey_len before
calling gcry_cipher_decrypt.  Always close decryption handle.

This bug was indroduced with 2.5.13 (2025-10-22). It affects only
this branch.

Details

Provenance
wernerAuthored on Tue, Jan 20, 12:48 PM
Parents
rGc7770b0a7068: gpgsm: Make multiple search patterns work with keyboxd.
Branches
Unknown
Tags
Unknown
Tasks
T8044: gpg-agent stack buffer overflow in pkdecrypt using KEM

Changes (2)

PathSize
agent/

rG2438271ab601

View Options

NEWS

Loading...
View Options

agent/pkdecrypt.c

Loading...