Ubuntu alert USN-7954-1 (libtasn1-6)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7954-1] Libtasn1 vulnerabilities | |
| Date: | Mon, 12 Jan 2026 14:02:08 +0000 | |
| Message-ID: | <E1vfIUi-00070a-Kt@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7954-1 January 12, 2026 libtasn1-6 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Libtasn1 could be made to crash if it received specially crafted input. Software Description: - libtasn1-6: Library to manage ASN.1 structures Details: It was discovered that Libtasn1 incorrectly handled decoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. (CVE-2025-13151) It was discovered that Libtasn1 incorrectly handled encoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-46848) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libtasn1-6 4.20.0-2ubuntu0.25.10.1 Ubuntu 25.04 libtasn1-6 4.20.0-2ubuntu0.25.04.1 Ubuntu 24.04 LTS libtasn1-6 4.19.0-3ubuntu0.24.04.2 Ubuntu 22.04 LTS libtasn1-6 4.18.0-4ubuntu0.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7954-1 CVE-2021-46848, CVE-2025-13151 Package Information: https://launchpad.net/ubuntu/+source/libtasn1-6/4.20.0-2u... https://launchpad.net/ubuntu/+source/libtasn1-6/4.20.0-2u... https://launchpad.net/ubuntu/+source/libtasn1-6/4.19.0-3u... https://launchpad.net/ubuntu/+source/libtasn1-6/4.18.0-4u...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmlk/tcACgkQcpJm3tlz hgEZnRAA01wGtff8UdTvp8EhU9vj9b1WtUPN+WdIsQdfyg5jd/vcm3c05Bj88/XA CxgvctuPdNj21Kb5AoLRQ6W5jRL8vBl4EKb/Z765m3hYn55Q+Br8Y4GY3aaavCLg c94Zu4AawY6S82CoDOh0xZNFnzwxVrFyex0IEReDj8fqb32bARsbkiBpdgWc1MUX ewSipY0nYPQPBpWn+NGl/OyICw8SddQbvYivzDUakTA2tPzJjPZIyyylLEyEH7nR AswdIvtVv/eBllCAMQAfO2IIUhN/IppIvLZr912fs22I9lF3XdepSPIdzwerJ08h 5JfLgCCKe6uyZn6r+JDZMyNsMZHp/UFuFBJr1acjBG1ikoclAGgPlrekv6RuoAb2 TVxvGLP/dSuolmMOsU2Lcm/8tL+N+6vQx0/0Gobrhd/5LN2sr6wNcrra6aYGGz2A nOgJ75AEz9kQMsLLQDr4XEr0QaG+22Hd3L+1pOf2qBymYFIT/rQVJSa/jXrIwD8y ibcN4WF545+m/66zGbfOqhaXdjZBMfshzQsyysa5nBlm9myKo91kmdJz7r/b98yt ydd5f2IDNZHwlV7CVVYF2KtH4XBtQa28Cz0+DJoU/sxyxMI863D4/qHGyzFrBIpd Cdg8L1wssoXgWut1V47+4JoTYBhngYtOp1eHAkaWNRGBWQ76ImM= =nTmE -----END PGP SIGNATURE-----