CVE-2025-67897

NameCVE-2025-67897
DescriptionIn Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1122582

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
rust-sequoia-openpgp (PTS)bullseye1.1.0-3vulnerable
bookworm1.12.0-2vulnerable
trixie2.0.0-2vulnerable
forky, sid2.1.0-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
rust-sequoia-openpgpsource(unstable)2.1.0-11122582

Notes

[trixie] - rust-sequoia-openpgp <no-dsa> (Minor issue)
[bookworm] - rust-sequoia-openpgp <no-dsa> (Minor issue)
[bullseye] - rust-sequoia-openpgp <ignored> (Minor issue)
Fixed by: https://gitlab.com/sequoia-pgp/sequoia/-/commit/b59886e5e7bdf7169ed330f309a6633d131776e5 (openpgp/v2.1.0)
Search for package or bug name: Reporting problems