Summary
Ubuntu Update for Linux kernel vulnerabilities USN-970-1
Solution
Please Install the Updated Packages.
Insight
It was discovered that GPGSM in GnuPG2 did not correctly handle certificates with a large number of Subject Alternate Names. If a user or automated system were tricked into processing a specially crafted certificate, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
Affected
gnupg2 vulnerability on Ubuntu 8.04 LTS ,
Ubuntu 9.04 ,
Ubuntu 9.10 ,
Ubuntu 10.04 LTS
Severity
Classification
-
CVE CVE-2010-2547 -
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P
Related Vulnerabilities