Security News

Cybersecurity news aggregator

🔓
MEDIUM Vulnerabilities Ubuntu Security

USN-8134-1: pyasn1 vulnerabilities

cve-2026-23490cve-2026-30922pythonasn.1dos
  • What: Multiple denial of service vulnerabilities in pyasn1 library
  • Impact: Ubuntu users may be affected by resource exhaustion attacks
Read Full Article →

Ubuntu Security Notices USN-8134-1 USN-8134-1: pyasn1 vulnerabilities Publication date 30 March 2026 Overview Several security issues were fixed in pyasn1. Releases 20.04 LTS 18.04 LTS 16.04 LTS 14.04 LTS Open side navigation Close side navigation Packages Details Update instructions References Related notices Packages pyasn1 - ASN.1 library for Python Details It was discovered that pyasn1 could exhaust system resources when attempting to decode a malformed certificate. An attacker could possibly use this to cause a denial of service. ( CVE-2026-23490 ) Kevin Tu discovered that pyasn1 could exhaust system resources via uncontrolled recursion when attempting to decode malicously-crafted certificates. An attacker could possibly use this to cause a denial of service. ( CVE-2026-30922 ) It was discovered that pyasn1 could exhaust system resources when attempting to decode a malformed certificate. An attacker could possibly use this to cause a denial of service. ( CVE-2026-23490 ) Kevin Tu discovered that pyasn1 could exhaust system resources via uncontrolled recursion when attempting to decode malicously-crafted certificates. An attacker could possibly use this to cause a denial of service. ( CVE-2026-30922 ) Update instructions In general, a standard system update will make all the necessary changes. Learn more about how to get the fixes. The problem can be corrected by updating your system to the following package versions: Ubuntu Release Package Version 20.04 LTS focal pypy-pyasn1 – 0.4.2-3ubuntu0.20.04.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . python-pyasn1 – 0.4.2-3ubuntu0.20.04.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . python3-pyasn1 – 0.4.2-3ubuntu0.20.04.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . 18.04 LTS bionic pypy-pyasn1 – 0.4.2-3ubuntu0.18.04.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . python-pyasn1 – 0.4.2-3ubuntu0.18.04.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . python3-pyasn1 – 0.4.2-3ubuntu0.18.04.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . 16.04 LTS xenial pypy-pyasn1 – 0.1.9-1ubuntu0.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . python-pyasn1 – 0.1.9-1ubuntu0.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . python3-pyasn1 – 0.1.9-1ubuntu0.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro . 14.04 LTS trusty python-pyasn1 – 0.1.7-1ubuntu2.1+esm1 Ubuntu Pro Fix available with Ubuntu Pro via Legacy Support add-on. python3-pyasn1 – 0.1.7-1ubuntu2.1+esm1 Ubuntu Pro Fix available with Ubuntu Pro via Legacy Support add-on. Reduce your security exposure Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines. Get Ubuntu Pro References CVE-2026-30922 CVE-2026-23490 CVE-2026-30922 CVE-2026-23490 Related notices USN-8129-1 USN-7975-1 USN-8129-1 USN-7975-1

Related Articles

HIGH RHSA-2026:13508: Important: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update Red Hat Errata HIGH RHSA-2026:13512: Important: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update Red Hat Errata MEDIUM VU#271649: Stack-based buffer overflow in libtasn1 versions v4.20.0 and earlier CERT/CC MEDIUM CVE-2026-23490: pyasn1 has a DoS vulnerability in decoder Web Discovery
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn