Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 623
Alerts This Week
Warning Icon 1 623

Ubuntu 24.04 LTS Security Advisory USN-8128-1 libcryptx-perl Critical DoS

ubuntu
Calendar Grey March 26, 2026
Dist Ubuntu Esm H88
Update your Ubuntu systems as security issues fixed in libcryptx-perl could lead to critical data risks and integrity loss.
Several security issues were fixed in CryptX.

Summary

Several security issues were fixed in CryptX.

Software Description:

- libcryptx-perl: Perl modules providing cryptography based on LibTomCrypt library

Details:

It was discovered that CryptX did not verify authentication tags while

performing GCM and ChaCha20-Poly1305 decryption. An attacker could possibly

use this issue to cause CryptX to accept modified ciphertext, leading to

data integrity violations or authentication bypass. This issue only

affected Ubuntu 18.04 LTS. (CVE-2018-25099)

It was discovered that CryptX included a version of the tomcrypt library

that was susceptible to malformed unicode handling. An attacker could

possibly use this issue to cause unexpected behavior or incorrect

processing of crafted input. This issue only affected Ubuntu 18.04 LTS.

(CVE-2025-40912)

It was discovered that CryptX included a version of the libtommath library

that was susceptible to an integer overflow. An attacker could possibly use

this issue to cause memory corruption or a denial ...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  libcryptx-perl                  0.080-2ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libcryptx-perl                  0.076-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  libcryptx-perl                  0.067-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libcryptx-perl                  0.056-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8128-1

CVE-2018-25099, CVE-2025-40912, CVE-2025-40914

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8128-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.