5 matches found
Sequoia PGP has Subtraction Overflow when aes_key_unwrap function is provided ciphertext that is too short
In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...
CVE-2025-13470
A flaw was found in RNP. This vulnerability allows for the trivial decryption of data encrypted using public-key encryption, fully compromising confidentiality, via an uninitialized symmetric session key in Public-Key Encrypted Session Key PKESK packets, which results in an all-zero byte array...
Linux Distros Unpatched Vulnerability : CVE-2025-13470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized...
EUVD-2025-198494
In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...
RUSTSEC-2025-0136 Underflow in aes_key_unwrap function
The aeskeyunwrap function would panic if passed a ciphertext that was too short. In a debug build, it would panic due to a subtraction underflow. In a release build, it would use the small negative quantity to allocate a vector. Since the allocator expects an unsigned quantity, the negative value...