Control: retitle -1 sequoia-openpgp: CVE-2025-67897: DOS (crash) via special crafted encrypted message
hi Holger, On Thu, Dec 11, 2025 at 05:00:26PM +0100, Holger Levsen wrote: > Package: rust-sequoia-openpgp > Version: 1.1.0-3 > Severity: important > Tags: security > > https://gitlab.com/sequoia-pgp/sequoia/-/commit/b59886e5e7bdf7169ed330f309a6633d131776e5 > which was first released with rust-sequoia-openpgp 2.1.0 > describes (and then fixes) the following problem: > > openpgp: Fix an underflow in aes_key_unwrap. > > The `aes_key_unwrap` function would panic if passed a ciphertext > that was too short. In a debug build, it would panic due to a > subtraction underflow. In a release build, it would use the small > negative quantity to allocate a vector. Since the allocator > expects an unsigned quantity, the negative value would be > interpreted as a huge allocation. The allocator would then fail > to allocate the memory and panic. > > An attacker could trigger this panic by sending a victim an > encrypted message whose PKESK or SKESK packet has been specially > modified. When the victim decrypts the message, the program would > crash. > > Reported-by: Jan Różański. CVE-2025-67897 has been assigned for this issue. Regards, Salvatore
