CVE-2025-68972

CVE-2025-68972

Name

CVE-2025-68972

Description

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
cve@mitre.org	https://gpg.fail/formfeed
cve@mitre.org	https://news.ycombinator.com/item?id=46404339
cve@mitre.org	https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i

Type

URI

cve@mitre.org

https://gpg.fail/formfeed

cve@mitre.org

https://news.ycombinator.com/item?id=46404339

cve@mitre.org

https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i

CPE URI	Source package	Min version	Max version
	gnupg	>= 0	<= 2.4.8
`cpe:2.3:a:gnupg:gnupg:::::-:::*`	gnupg	>= None	<= 2.4.8

CPE URI

Source package

Min version

Max version

gnupg

>= 0

<= 2.4.8

cpe:2.3:a:gnupg:gnupg:*:*:*:*:-:*:*:*

gnupg

>= None

<= 2.4.8

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
gnupg	edge-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnupg	edge-main	2.4.8-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	edge-main	2.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	edge-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	edge-main	2.2.41-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	edge-main	2.2.40-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	edge-main	2.2.35-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	edge-main	2.2.23-r0	None	possibly vulnerable
gnupg	edge-main	2.2.18-r0	None	possibly vulnerable
gnupg	edge-main	2.2.13-r0	None	possibly vulnerable
gnupg	edge-main	2.2.8-r0	None	possibly vulnerable
gnupg	3.23-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnupg	3.23-main	2.4.8-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	3.22-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnupg	3.22-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	3.22-main	2.2.35-r4	None	possibly vulnerable
gnupg	3.22-main	2.2.23-r0	None	possibly vulnerable
gnupg	3.22-main	2.2.18-r0	None	possibly vulnerable
gnupg	3.22-main	2.2.8-r0	None	possibly vulnerable
gnupg	3.21-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnupg	3.21-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	3.21-main	2.2.35-r4	None	possibly vulnerable
gnupg	3.21-main	2.2.23-r0	None	possibly vulnerable
gnupg	3.21-main	2.2.18-r0	None	possibly vulnerable
gnupg	3.21-main	2.2.8-r0	None	possibly vulnerable
gnupg	3.20-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnupg	3.20-main	2.4.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	3.20-main	2.2.35-r4	None	possibly vulnerable
gnupg	3.20-main	2.2.23-r0	None	possibly vulnerable
gnupg	3.20-main	2.2.18-r0	None	possibly vulnerable
gnupg	3.20-main	2.2.8-r0	None	possibly vulnerable
gnupg	3.19-main	2.4.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnupg	3.19-main	2.2.35-r4	None	possibly vulnerable
gnupg	3.19-main	2.2.23-r0	None	possibly vulnerable
gnupg	3.19-main	2.2.18-r0	None	possibly vulnerable
gnupg	3.19-main	2.2.8-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages