toolkit release (GNU Privacy Guard) compatible with the OpenPGP standards () and S/MIME, and provides utilities for data encryption, electronic signatures, key management, and access to public key stores. The new version fixes a critical vulnerability (), which appears starting from version 2.2.21 and is used when importing a specially designed OpenPGP key.
Importing a key with a specially formatted large list of AEAD algorithms can lead to array overflow and crash or undefined behavior. It is noted that the creation of an exploit that leads not only to crash is a difficult task, but such a possibility is not excluded. The main difficulty in developing an exploit is that the attacker can only control every second byte of the sequence, and the first byte always takes the value 0x04. Software distribution systems with digital key verification are safe because they use a predefined list of keys.
Source: opennet.ru