CVE-2025-68973

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-68973
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68973.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-68973
Aliases
Downstream
Related
Published
2025-12-28T17:16:01.500Z
Modified
2026-02-02T22:20:28.309167Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)

References

Affected packages

Git / github.com/gpg/gnupg

Affected ranges

Type
GIT
Repo
https://github.com/gpg/gnupg
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
115d138ba599328005c5321c0ef9f00355838ca9

Affected versions

Other
ABANDONED-V-1-2-0
NEWPG-0-0-0
NEWPG-0-3-0
NEWPG-0-3-1
NEWPG-0-3-10
NEWPG-0-3-2
NEWPG-0-3-3
NEWPG-0-3-4
NEWPG-0-3-5
NEWPG-0-3-6
NEWPG-0-3-7
NEWPG-0-3-8
NEWPG-0-3-9
NEWPG-0-9-0
NEWPG-0-9-1
NEWPG-0-9-2
RC-1-2-1rc1
RC-1-2-2rc1
RC-1-2-2rc2
RC-1-2-3rc1
RC-1-2-3rc2
RC-1-2-4rc1
RC-1-2-5rc1
RC-1-2-5rc2
RC-1-4-1rc1
RC-1-4-1rc2
RC-1-4-2rc1
RC-1-4-2rc2
V-0-2-8
V0-0-0
V0-1-0
V0-2-0
V0-2-10
V0-2-15
V0-2-17
V0-2-18
V0-2-19
V0-2-6
V0-3-0
V0-3-1
V0-3-2
V0-3-3
V0-3-4
V0-3-5
V0-4-0
V0-4-1
V0-4-2
V0-4-3
V0-4-4
V0-4-5
V0-9-0
V0-9-1
V0-9-10
V0-9-11
V0-9-2
V0-9-3
V0-9-4
V0-9-5
V0-9-6
V0-9-7
V0-9-8
V0-9-9
V1-0-0
V1-0-1
V1-0-1-ePit-1
V1-0-2
V1-0-3
V1-0-4
V1-1-0
V1-1-2
V1-1-90
V1-1-91
V1-1-92
V1-2-0
V1-2-1
V1-2-2
V1-2-3
V1-2-4
V1-2-5
V1-3-0
V1-3-1
V1-3-2
V1-3-3
V1-3-4
V1-3-5
V1-3-6
V1-3-90
V1-3-91
V1-3-92
V1-3-93
V1-4-0
V1-4-1
V1-9-0
V1-9-1
V1-9-10
V1-9-11
V1-9-12
V1-9-13
V1-9-14
V1-9-15
V1-9-16
V1-9-17
V1-9-18
V1-9-19
V1-9-2
V1-9-3
V1-9-4
V1-9-5
V1-9-6
V1-9-7
V1-9-8
V1-9-9
ecc-integration-done
post-nuke-of-trailing-ws
Beta-2.*
Beta-2.3.0-beta1598
Beta-2.3.0-beta1655
gnupg-1.*
gnupg-1.4.3
gnupg-1.4.3rc1
gnupg-1.4.3rc2
gnupg-1.4.4
gnupg-1.4.5
gnupg-1.4.5rc1
gnupg-1.9.20
gnupg-1.9.21
gnupg-1.9.22
gnupg-1.9.23
gnupg-1.9.90
gnupg-1.9.91
gnupg-1.9.92
gnupg-1.9.93
gnupg-1.9.94
gnupg-1.9.95
gnupg-2.*
gnupg-2.0.1
gnupg-2.0.10
gnupg-2.0.10rc1
gnupg-2.0.11
gnupg-2.0.12
gnupg-2.0.13
gnupg-2.0.1rc1
gnupg-2.0.2
gnupg-2.0.3
gnupg-2.0.4
gnupg-2.0.5
gnupg-2.0.6
gnupg-2.0.7
gnupg-2.0.8
gnupg-2.0.8rc1
gnupg-2.0.9
gnupg-2.1-base
gnupg-2.1.0
gnupg-2.1.0-beta442
gnupg-2.1.0-beta751
gnupg-2.1.0-beta783
gnupg-2.1.0-beta834
gnupg-2.1.0-beta864
gnupg-2.1.0-beta895
gnupg-2.1.0beta1
gnupg-2.1.0beta2
gnupg-2.1.0beta3
gnupg-2.1.1
gnupg-2.1.10
gnupg-2.1.11
gnupg-2.1.12
gnupg-2.1.13
gnupg-2.1.14
gnupg-2.1.15
gnupg-2.1.16
gnupg-2.1.17
gnupg-2.1.18
gnupg-2.1.19
gnupg-2.1.2
gnupg-2.1.20
gnupg-2.1.21
gnupg-2.1.22
gnupg-2.1.23
gnupg-2.1.3
gnupg-2.1.4
gnupg-2.1.5
gnupg-2.1.6
gnupg-2.1.7
gnupg-2.1.8
gnupg-2.1.9
gnupg-2.2-base
gnupg-2.2.0
gnupg-2.2.1
gnupg-2.2.2
gnupg-2.2.3
gnupg-2.2.4
gnupg-2.2.5
gnupg-2.2.6
gnupg-2.2.7
gnupg-2.3-base
gnupg-2.3.0
gnupg-2.3.1
gnupg-2.3.2
gnupg-2.3.3
gnupg-2.3.4
gnupg-2.3.5
gnupg-2.3.6
gnupg-2.3.7
gnupg-2.3.8
gnupg-2.4-base
gnupg-2.4.0
gnupg-2.4.1
gnupg-2.4.2
gnupg-2.4.3
gnupg-2.4.4
gnupg-2.4.5
gnupg-2.5-base
gnupg-2.5.0
gnupg-2.5.1
gnupg-2.5.10
gnupg-2.5.11
gnupg-2.5.12
gnupg-2.5.13
gnupg-2.5.2
gnupg-2.5.3
gnupg-2.5.4
gnupg-2.5.5
gnupg-2.5.6
gnupg-2.5.7
gnupg-2.5.8
gnupg-2.5.9
gnupg-2.6-base

Database specific

vanir_signatures 
[
    {
        "signature_type": "Line",
        "source": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
        "target": {
            "file": "g10/armor.c"
        },
        "id": "CVE-2025-68973-0795d086",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "49443994032101166499817929710418787617",
                "15885349329180648629886665119482066444",
                "251567423413559438915149228397159278172",
                "245307190880893838302112067120951580886",
                "233025292863636828738951527225626808703"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "source": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
        "target": {
            "file": "common/iobuf.c",
            "function": "underflow_target"
        },
        "id": "CVE-2025-68973-68fb37d4",
        "signature_version": "v1",
        "digest": {
            "function_hash": "308261127033383064013893380111635919569",
            "length": 4339.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "source": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
        "target": {
            "file": "g10/armor.c",
            "function": "armor_filter"
        },
        "id": "CVE-2025-68973-7fc31e4d",
        "signature_version": "v1",
        "digest": {
            "function_hash": "8491897487455473404532060143085768712",
            "length": 6659.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "source": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
        "target": {
            "file": "common/iobuf.c"
        },
        "id": "CVE-2025-68973-b1425f20",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "58417909544796076269955505969248422608",
                "110818776878108934247290968241798853078",
                "99737392810453685630251105482111447244",
                "113935288793173739545537940463888600246",
                "41376399652890006191605110496782282706",
                "202248868800533379919068614240070725527",
                "90049560659301795284536280797535053471",
                "9804346519796051411285763134077578441",
                "296479341702821865710742504302221433754",
                "292603048869066697821076139961345089813",
                "186002179277992063921212080551453478339",
                "69347065700127502231412071429307141456",
                "260244605468677653061030662897025985687",
                "140014099526233636479402025901264429351"
            ]
        },
        "deprecated": false
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68973.json"