{"id":"USN-7980-1","summary":"openssl vulnerabilities","details":"Stanislav Fort, Petr Šimeček, and Hamza discovered that OpenSSL\nincorrectly validated PBMAC1 parameters when doing PKCS#12 MAC\nverification. An attacker could possibly use this issue to cause OpenSSL to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n25.10. (CVE-2025-11187)\n\nStanislav Fort discovered that OpenSSL incorrectly parsed CMS\nAuthEnvelopedData messages. An attacker could possibly use this issue to\ncause OpenSSL to crash, resulting in a denial of service. (CVE-2025-15467)\n\nStanislav Fort discovered that OpenSSL incorrectly handled memory in the\nSSL_CIPHER_find() function. An attacker could possibly use this issue to\ncause OpenSSL to crash, resulting in a denial of service. This issue only\naffected Ubuntu 25.10. (CVE-2025-15468)\n\nStanislav Fort discovered that the OpenSSL \"openssl dgst\" command line\ntool incorrectly truncated data to 16MB. An attacker could possibly use this\nissue to hide unauthenticated data beyond the 16MB limit. This issue only\naffected Ubuntu 25.10. (CVE-2025-15469)\n\nTomas Dulka and Stanislav Fort discovered that OpenSSL incorrectly handled\nmemory with TLS 1.3 connections using certificate compression. An attacker\ncould possibly use this issue to consume resources, leading to a denial of\nservice. This issue only affected Ubuntu 25.10. (CVE-2025-66199)\n\nPetr Simecek and Stanislav Fort discovered that OpenSSL incorrectly handled\nmemory when writing large data into a BIO chain. An attacker could possibly\nuse this issue to consume resources, leading to a denial of service.\n(CVE-2025-68160)\n\nStanislav Fort discovered that the OpenSSL OCB API could incorrectly leave\nfinal partial blocks unencrypted and unauthenticated. 
An attacker could\npossibly use this issue to read or tamper with the affected final bytes.\n(CVE-2025-69418)\n\nStanislav Fort discovered that OpenSSL incorrectly handled the\nPKCS12_get_friendlyname() utf-8 conversion. An attacker could possibly use\nthis issue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2025-69419)\n\nLuigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE\nvalidation in the TS_RESP_verify_response() function. An attacker could\npossibly use this issue to cause OpenSSL to crash, resulting in a denial of\nservice. (CVE-2025-69420)\n\nLuigino Camastra discovered that OpenSSL incorrectly handled memory in the\nPKCS12_item_decrypt_d2i_ex function. An attacker could possibly use this\nissue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2025-69421)\n\nLuigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE\nvalidation in PKCS#12 parsing. An attacker could possibly use this issue to\ncause OpenSSL to crash, resulting in a denial of service. (CVE-2026-22795)\n\nLuigino Camastra discovered that OpenSSL incorrectly handled ASN1_TYPE\nvalidation in the PKCS7_digest_from_attributes() function. An attacker\ncould possibly use this issue to cause OpenSSL to crash, resulting in a\ndenial of service. 
(CVE-2026-22796)","modified":"2026-03-24T10:52:40.985197Z","published":"2026-01-27T18:10:18Z","related":["UBUNTU-CVE-2025-11187","UBUNTU-CVE-2025-15467","UBUNTU-CVE-2025-15468","UBUNTU-CVE-2025-15469","UBUNTU-CVE-2025-66199","UBUNTU-CVE-2025-68160","UBUNTU-CVE-2025-69418","UBUNTU-CVE-2025-69419","UBUNTU-CVE-2025-69420","UBUNTU-CVE-2025-69421","UBUNTU-CVE-2026-22795","UBUNTU-CVE-2026-22796"],"upstream":["CVE-2025-11187","CVE-2025-15467","CVE-2025-15468","CVE-2025-15469","CVE-2025-66199","CVE-2025-68160","CVE-2025-69418","CVE-2025-69419","CVE-2025-69420","CVE-2025-69421","CVE-2026-22795","CVE-2026-22796","UBUNTU-CVE-2025-11187","UBUNTU-CVE-2025-15467","UBUNTU-CVE-2025-15468","UBUNTU-CVE-2025-15469","UBUNTU-CVE-2025-66199","UBUNTU-CVE-2025-68160","UBUNTU-CVE-2025-69418","UBUNTU-CVE-2025-69419","UBUNTU-CVE-2025-69420","UBUNTU-CVE-2025-69421","UBUNTU-CVE-2026-22795","UBUNTU-CVE-2026-22796"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7980-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-11187"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-15467"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-15468"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-15469"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-66199"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-68160"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-69418"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-69419"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-69420"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-69421"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-22795"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-22796"}],"affected":[{"package":{"name":"openssl","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.21?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","even
ts":[{"introduced":"0"},{"fixed":"3.0.2-0ubuntu1.21"}]}],"versions":["1.1.1l-1ubuntu1","3.0.0-1ubuntu1","3.0.1-0ubuntu1","3.0.2-0ubuntu1","3.0.2-0ubuntu1.1","3.0.2-0ubuntu1.2","3.0.2-0ubuntu1.4","3.0.2-0ubuntu1.5","3.0.2-0ubuntu1.6","3.0.2-0ubuntu1.7","3.0.2-0ubuntu1.8","3.0.2-0ubuntu1.9","3.0.2-0ubuntu1.10","3.0.2-0ubuntu1.12","3.0.2-0ubuntu1.13","3.0.2-0ubuntu1.14","3.0.2-0ubuntu1.15","3.0.2-0ubuntu1.16","3.0.2-0ubuntu1.17","3.0.2-0ubuntu1.18","3.0.2-0ubuntu1.19","3.0.2-0ubuntu1.20"],"ecosystem_specific":{"binaries":[{"binary_version":"3.0.2-0ubuntu1.21","binary_name":"libssl-dev"},{"binary_version":"3.0.2-0ubuntu1.21","binary_name":"libssl3"},{"binary_version":"3.0.2-0ubuntu1.21","binary_name":"openssl"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-15467"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-68160"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69418"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69419"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69420"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69421"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2026-22795"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"low"}],
"id":"CVE-2026-22796"}],"ecosystem":"Ubuntu:22.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7980-1.json"}},{"package":{"name":"openssl","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/openssl@3.0.13-0ubuntu3.7?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.13-0ubuntu3.7"}]}],"versions":["3.0.10-1ubuntu2","3.0.10-1ubuntu2.1","3.0.10-1ubuntu3","3.0.10-1ubuntu4","3.0.13-0ubuntu2","3.0.13-0ubuntu3","3.0.13-0ubuntu3.1","3.0.13-0ubuntu3.2","3.0.13-0ubuntu3.3","3.0.13-0ubuntu3.4","3.0.13-0ubuntu3.5","3.0.13-0ubuntu3.6"],"ecosystem_specific":{"binaries":[{"binary_version":"3.0.13-0ubuntu3.7","binary_name":"libssl-dev"},{"binary_version":"3.0.13-0ubuntu3.7","binary_name":"libssl3t64"},{"binary_version":"3.0.13-0ubuntu3.7","binary_name":"openssl"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-15467"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-68160"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69418"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69419"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69420"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69421"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id"
:"CVE-2026-22795"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2026-22796"}],"ecosystem":"Ubuntu:24.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7980-1.json"}},{"package":{"name":"openssl","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/openssl@3.5.3-1ubuntu3?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.5.3-1ubuntu3"}]}],"versions":["3.4.1-1ubuntu3","3.5.0-2ubuntu1","3.5.2-1ubuntu1","3.5.3-1ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_version":"3.5.3-1ubuntu3","binary_name":"libssl-dev"},{"binary_version":"3.5.3-1ubuntu3","binary_name":"libssl3t64"},{"binary_version":"3.5.3-1ubuntu3","binary_name":"openssl"},{"binary_version":"3.5.3-1ubuntu3","binary_name":"openssl-provider-legacy"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-11187"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2025-15467"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-15468"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-15469"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-66199"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-68160"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69418"},{"severity":[{"
type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69419"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69420"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2025-69421"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2026-22795"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2026-22796"}],"ecosystem":"Ubuntu:25.10"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7980-1.json"}}],"schema_version":"1.7.5"}