USN-7954-1 Unknown

USN-7954-1: Libtasn1 vulnerabilities

Canonical (Ubuntu) Released: January 12, 2026 Updated: January 14, 2026 Restart Required

Description

It was discovered that Libtasn1 incorrectly handled decoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. (CVE-2025-13151) It was discovered that Libtasn1 incorrectly handled encoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-46848)

Fixed Vulnerabilities 1

CVE-2025-13151 N/A 0.0 ⚠️ KEV fixed

Jan 07, 2026

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.

Quick Info

Patch ID: USN-7954-1

Vendor: Canonical (Ubuntu)

Severity: Unknown

CVEs Fixed: 1

Restart: Required

Vendor

Canonical (Ubuntu)

Additional Info

action:

usn id: USN-7954-1

summary: Libtasn1 could be made to crash if it received specially crafted input.

usn number: 7954-1

instructions: In general, a standard system update will make all the necessary changes.

CVE Vulnerabilities

Posts & Pages