A "severe" vulnerability in GNU Privacy Guard (GnuPG)'s Libgcrypt encryption software could have allowed an attacker to write arbitrary data to the target machine, potentially leading to remote code execution.
The flaw, which affects version 1.9.0 of libgcrypt, was discovered on January 28 by Tavis Ormandy of Project Zero, a security research unit within Google dedicated to finding zero-day bugs in hardware and software systems.
No other versions of Libgcrypt are affected by the vulnerability.
"There is a heap buffer overflow in libgcrypt due to an incorrect assumption in the block buffer management code," Ormandy said. "Just decrypting some data can overflow a heap buffer with attacker controlled data, no verification or signature is validated before the vulnerability occurs."
GnuPG addressed the weakness almost immediately within a day after disclosure, while urging users to stop using the vulnerable version. The latest version can be downloaded here.
The Libgcrypt library is an open-source cryptographic toolkit offered as part of GnuPG software suite to encrypt and sign data and communications. An implementation of OpenPGP, it's used for digital security in many Linux distributions such as Fedora and Gentoo, although it isn't as widely used as OpenSSL or LibreSSL.
According to GnuPG, the bug appears to have been introduced in 1.9.0 during its development phase two years ago as part of a change to "reduce overhead on generic hash write function," but it was only spotted last week by Google Project Zero.
Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!Save My Seat!
Thus all an attacker needs to do to trigger this critical flaw is to send the library a block of specially-crafted data to decrypt, thus tricking the application into running an arbitrary fragment of malicious code embedded in it (aka shellcode) or crash a program (in this case, gpg) that relies on the Libgcrypt library.
"Exploiting this bug is simple and thus immediate action for 1.9.0 users is required," Libgcrypt author Werner Koch noted. "The 1.9.0 tarballs on our FTP server have been renamed so that scripts won't be able to get this version anymore."