CVE-2025-68972

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

CVSS v3 5.9 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.4 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://gpg.fail/formfeed	Product
https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i	Product
https://news.ycombinator.com/item?id=46404339	Issue Tracking
https://gpg.fail/formfeed	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:gnupg:gnupg:*:*:*:*:-:*:*:*

History

No history.

Information

Published : 2025-12-27 23:15

Updated : 2026-01-09 20:08

NVD link : CVE-2025-68972

Mitre link : CVE-2025-68972

CVE.ORG link : CVE-2025-68972

JSON object : View

Products Affected

gnupg

gnupg

CWE

CWE-347

Improper Verification of Cryptographic Signature

{"id": "CVE-2025-68972", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 1.4}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.0}]}, "published": "2025-12-27T23:15:40.900", "references": [{"url": "https://gpg.fail/formfeed", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://news.ycombinator.com/item?id=46404339", "tags": ["Issue Tracking"], "source": "cve@mitre.org"}, {"url": "https://gpg.fail/formfeed", "tags": ["Product"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "cve@mitre.org", "description": [{"lang": "en", "value": "CWE-347"}]}], "descriptions": [{"lang": "en", "value": "In GnuPG through 2.4.8, if a signed message has \\f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an \"invalid armor\" message is printed during verification). This is related to use of \\f as a marker to denote truncation of a long plaintext line."}], "lastModified": "2026-01-09T20:08:47.323", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "8D4239B3-0B8A-4E14-9E33-DD52A3F8FF25", "versionEndIncluding": "2.4.8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}