Ubuntu alert USN-7954-2 (libtasn1-6)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7954-2] Libtasn1 vulnerabilities | |
| Date: | Wed, 11 Feb 2026 19:43:58 +0000 | |
| Message-ID: | <E1vqG7y-0006QE-Kr@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7954-2 February 10, 2026 libtasn1-6 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Libtasn1. Software Description: - libtasn1-6: Library to manage ASN.1 structures Details: USN-7954-1 fixed vulnerabilities in Libtasn1. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2021-46848 only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Libtasn1 incorrectly handled decoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. (CVE-2025-13151) It was discovered that Libtasn1 incorrectly handled encoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-46848) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS libtasn1-6 4.16.0-2ubuntu0.1+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libtasn1-6 4.13-2ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS libtasn1-6 4.7-3ubuntu0.16.04.3+esm4 Available with Ubuntu Pro Ubuntu 14.04 LTS libtasn1-6 3.4-3ubuntu0.6+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7954-2 https://ubuntu.com/security/notices/USN-7954-1 CVE-2021-46848, CVE-2025-13151
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmmM27IACgkQcpJm3tlz hgHzXBAA0fiFQhufNMBa4HdVwnNcOVx4FL5zfJKne32oidtTwioeo1e8xfAhcUk8 L3RqX6WKLoo+wEAXXI0apJ+vAzE9pEZPyZXjAcn3pq3Ku7cDconoKqvaPephhcdm 6b2AaBIBi8XaWjtjnPTvkJzGEnSekvufVaV8ujkUYy2DAbgYODAzzTCTAgkcLBA+ HrNiR61daaEtMRcLPQm6dSu1aMq+V9xsx2aZ2pl+LawPAZg6z+Mj3UC0660LTCkL qc2raekyhWpMu/46at1gvB2x1DcExtzojJyh92c/LhBy071QaBEP/OId5zokHEtD lpX8qAOJoh0r9DSDx2pXeGbjTLICW3g7dnFJPQK+DX/7VDA1IqH86AH7cRQGJ2A0 PK2ifCIhs1QugeKVje7thNEN9U8DzIJsOD/hP27uxV5vR3HPMtIDq5fvzyKn64DY j/q8oy6U1RBqbocOwYXNodbfP41bKFp2HZvEczQVOVF33GrkWTq3+EPYsCbuKBzW RgFa4/XSsclL2ncBdRj/hkrJkkIpePQlEjJ1r+xyLDpsrXyAbTYgpwtV3eLprQmI tsI3WYTIs8ehPfmuoquM/AucAXLujQsMmcFW6VfWNJJZ34gCObTJ2PoCW+r10+oL 06+TF3yMrinFeHrLpAt56Cp/MwllxMfIT/8LXBlwrcbjuFb8dag= =NZL+ -----END PGP SIGNATURE-----