| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2025-13353 | 2 Dec 2025 15:00 | – | circl |
| gokey security vulnerability | 2 Dec 2025 00:00 | – | cnnvd |
| CVE-2025-13353 | 2 Dec 2025 11:03 | – | cve |
| CVE-2025-13353 gokey allows secret recovery from a seed file without the master password | 2 Dec 2025 11:03 | – | cvelist |
| CVE-2025-13353 | 2 Dec 2025 11:03 | – | debiancve |
| EUVD-2025-200219 | 2 Dec 2025 11:03 | – | euvd |
| gokey allows secret recovery from a seed file without the master password | 2 Dec 2025 17:55 | – | github |
| CVE-2025-13353 | 2 Dec 2025 11:15 | – | nvd |
| DEBIAN-CVE-2025-13353 | 2 Dec 2025 11:15 | – | osv |
| GHSA-69JW-4JJ8-FCXM gokey allows secret recovery from a seed file without the master password | 2 Dec 2025 17:55 | – | osv |

| Source | Link |
|---|---|
| security-tracker | www.security-tracker.debian.org/tracker/CVE-2025-13353 |
| ubuntu | www.ubuntu.com/security/CVE-2025-13353 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
```
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
  script_id(277090);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/21");
  script_cve_id("CVE-2025-13353");
  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2025-13353");
  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.
- In gokey versions <0.2.0, a flaw in the seed decryption logic resulted in passwords incorrectly being
derived solely from the initial vector and the AES-GCM authentication tag of the key seed. This issue has
been fixed in gokey version 0.2.0. This is a breaking change. The fix has invalidated any
passwords/secrets that were derived from the seed file (using the -s option). Even if the input seed file
stays the same, version 0.2.0 gokey will generate different secrets. Impact This vulnerability impacts
generated keys/secrets using a seed file as an entropy input (using the -s option). Keys/secrets generated
just from the master password (without the -s option) are not impacted. The confidentiality of the seed
itself is also not impacted (it is not required to regenerate the seed itself). Specific impact includes:
* keys/secrets generated from a seed file may have lower entropy: it was expected that the whole seed
would be used to generate keys (240 bytes of entropy input), where in vulnerable versions only 28 bytes
was used * a malicious entity could have recovered all passwords, generated from a particular seed, having
only the seed file in possession without the knowledge of the seed master password Patches The code logic
bug has been fixed in gokey version 0.2.0 and above. Due to the deterministic nature of gokey, fixed
versions will produce different passwords/secrets using seed files, as all seed entropy will be used now.
System secret rotation guidance It is advised for users to regenerate passwords/secrets using the patched
version of gokey (0.2.0 and above), and provision/rotate these secrets into respective systems in place of
the old secret. A specific rotation procedure is system-dependent, but most common patterns are described
below. Systems that do not require the old password/secret for rotation Such systems usually have a
Forgot password facility or a similar facility allowing users to rotate their password/secrets by
sending a unique magic link to the user's email or phone. In such cases users are advised to use this
facility and input the newly generated password secret, when prompted by the system. Systems that require
the old password/secret for rotation Such systems usually have a modal password rotation window usually in
the user settings section requiring the user to input the old and the new password sometimes with a
confirmation. To generate/recover the old password in such cases users are advised to: * temporarily
download gokey version 0.1.3 https://github.com/cloudflare/gokey/releases/tag/v0.1.3 for their respective
operating system to recover the old password * use gokey version 0.2.0 or above to generate the new
password * populate the system provided password rotation form Systems that allow multiple credentials for
the same account to be provisioned Such systems usually require a secret or a cryptographic key as a
credential for access, but allow several credentials at the same time. One example is SSH: a particular
user may have several authorized public keys configured on the SSH server for access. For such systems
users are advised to: * generate a new secret/key/credential using gokey version 0.2.0 or above *
provision the new secret/key/credential in addition to the existing credential on the system * verify that
the access or required system operation is still possible with the new secret/key/credential * revoke
authorization for the existing/old credential from the system Credit This vulnerability was found by Tho
Cusnir ( @mister_mime https://hackerone.com/mister_mime ) and responsibly disclosed through Cloudflare's
bug bounty program. (CVE-2025-13353)
Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-13353");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2025-13353");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-13353");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");
  script_set_attribute(attribute:"vuln_publication_date", value:"2025/12/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/12/03");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gokey");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gokey");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();
  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");
  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Debian Linux-11", "Host/OS/Debian Linux-12", "Host/OS/Debian Linux-13", "Host/OS/Ubuntu Linux-20.04", "Host/OS/Ubuntu Linux-22.04", "Host/OS/Ubuntu Linux-24.04", "Host/OS/Ubuntu Linux-25.04", "Host/OS/Ubuntu Linux-25.10");
  exit(0);
}
if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);
include('linux_unpatched.inc');
var distro_constraints_array = {
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "gokey"},
          {"reference": "golang-github-cloudflare-gokey-dev"}
        ]
      }
    ]
  },
  "Debian Linux-12": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "12",
        "pkgs": [
          {"reference": "gokey"},
          {"reference": "golang-github-cloudflare-gokey-dev"}
        ]
      }
    ]
  },
  "Debian Linux-13": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "13",
        "pkgs": [
          {"reference": "gokey"},
          {"reference": "golang-github-cloudflare-gokey-dev"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "gokey"}
        ]
      }
    ]
  },
  "Ubuntu Linux-22.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "22.04",
        "pkgs": [
          {"reference": "gokey"}
        ]
      }
    ]
  },
  "Ubuntu Linux-24.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "24.04",
        "pkgs": [
          {"reference": "gokey"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.04",
        "pkgs": [
          {"reference": "gokey"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.10": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.10",
        "pkgs": [
          {"reference": "gokey"}
        ]
      }
    ]
  }
};
var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);
if (!empty_or_null(report))
{
  security_report_v4(
    port : 0,
    severity : SECURITY_WARNING,
    extra : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}
```