Sam James <[email protected]> wrote:
> > A crafted CMS (S/MIME) EnvelopedData message carrying an oversized
> > wrapped session key can cause a stack buffer overflow in gpg-agent
> > during the PKDECRYPT--kem=CMS handling. This can easily be used for a
> > DoS but, worse, the memory corruption can very likely also be used to
> > mount a remote code execution attack.
> >
> > A CVE-id has not been assigned. We track this bug as T8044 under
> > https://dev.gnupg.org/T8044. This vulnerability was discovered by:
> > OpenAI Security Research. Their report was received on 2026-01-18;

This vulnerability sounds very similar to the just-announced OpenSSL vulnerability CVE-2025-15467. That vulnerability was noted as having been discovered by Stanislav Fort (Aisle Research). Is it a coincidence that these two issues were detected shortly after one another by different parties?

-Jan
