Jean-René Reinhard, Olivier Levillain and Florian Maury reported that GnuPG, the GNU Privacy Guard, did not properly parse certain garbled compressed data packets. A remote attacker could use this flaw to mount a denial of service against GnuPG by triggering an infinite loop.