CVE-2026-32877

NameCVE-2026-32877
DescriptionBotan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value (C3) failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read of up to 31 bytes, resulting in a crash or potentially other undefined behavior. This issue has been patched in version 3.11.0.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
botan (PTS)bullseye2.17.3+dfsg-2vulnerable
bookworm2.19.3+dfsg-1+deb12u1vulnerable
trixie2.19.5+dfsg-4vulnerable
botan3 (PTS)trixie3.7.1+dfsg-2vulnerable
forky, sid3.11.1+dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
botansource(unstable)(unfixed)
botan3sourceexperimental3.11.0+dfsg-1
botan3source(unstable)3.11.0+dfsg-2

Notes

https://github.com/randombit/botan/security/advisories/GHSA-7jj6-4r42-w9h6
https://github.com/randombit/botan/commit/f3c31f96f58f1d1d482032d8f4286dc9ebbc6712 (3.11.0)
Search for package or bug name: Reporting problems