Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Ubuntu 20.04 LTS Pyasn1 High Risk DoS Vulnerabilities USN-8134-1

Calendar Mar 31, 2026 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service security issue Ubuntu high pyasn1
Several security issues were fixed in pyasn1. 
==========================================================================
Ubuntu Security Notice USN-8134-1
March 30, 2026

pyasn1 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in pyasn1.

Software Description:
- pyasn1: ASN.1 library for Python

Details:

It was discovered that pyasn1 could exhaust system resources when
attempting to decode a malformed certificate. An attacker could
possibly use this to cause a denial of service. (CVE-2026-23490)

Kevin Tu discovered that pyasn1 could exhaust system resources via
uncontrolled recursion when attempting to decode malicously-crafted
certificates. An attacker could possibly use this to cause a denial of
service. (CVE-2026-30922)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  pypy-pyasn1                     0.4.2-3ubuntu0.20.04.1~esm1
                                  Available with Ubuntu Pro
  python-pyasn1                   0.4.2-3ubuntu0.20.04.1~esm1
                                  Available with Ubuntu Pro
  python3-pyasn1                  0.4.2-3ubuntu0.20.04.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  pypy-pyasn1                     0.4.2-3ubuntu0.18.04.1~esm1
                                  Available with Ubuntu Pro
  python-pyasn1                   0.4.2-3ubuntu0.18.04.1~esm1
                                  Available with Ubuntu Pro
  python3-pyasn1                  0.4.2-3ubuntu0.18.04.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  pypy-pyasn1                     0.1.9-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  python-pyasn1                   0.1.9-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  python3-pyasn1                  0.1.9-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  python-pyasn1                   0.1.7-1ubuntu2.1+esm1
                                  Available with Ubuntu Pro
  python3-pyasn1                  0.1.7-1ubuntu2.1+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8134-1
  CVE-2026-23490, CVE-2026-30922

Ubuntu 20.04 LTS Pyasn1 High Risk DoS Vulnerabilities USN-8134-1

ubuntu
Calendar Grey March 31, 2026
Dist Ubuntu Esm H88
Several security issues fixed in pyasn1 for Ubuntu. Immediate update required to mitigate potential DoS attacks.
Several security issues were fixed in pyasn1.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in pyasn1. Software Description: - pyasn1: ASN.1 library for Python Details: It was discovered that pyasn1 could exhaust system resources when attempting to decode a malformed certificate. An attacker could possibly use this to cause a denial of service. (CVE-2026-23490) Kevin Tu discovered that pyasn1 could exhaust system resources via uncontrolled recursion when attempting to decode malicously-crafted certificates. An attacker could possibly use this to cause a denial of service. (CVE-2026-30922)

Topics%20covered

Topics Covered

security advisory denial of service security issue Ubuntu high pyasn1

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS pypy-pyasn1 0.4.2-3ubuntu0.20.04.1~esm1 Available with Ubuntu Pro python-pyasn1 0.4.2-3ubuntu0.20.04.1~esm1 Available with Ubuntu Pro python3-pyasn1 0.4.2-3ubuntu0.20.04.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS pypy-pyasn1 0.4.2-3ubuntu0.18.04.1~esm1 Available with Ubuntu Pro python-pyasn1 0.4.2-3ubuntu0.18.04.1~esm1 Available with Ubuntu Pro python3-pyasn1 0.4.2-3ubuntu0.18.04.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS pypy-pyasn1 0.1.9-1ubuntu0.1~esm1 Available with Ubuntu Pro python-pyasn1 0.1.9-1ubuntu0.1~esm1 Available with Ubuntu Pro python3-pyasn1 0.1.9-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 14.04 LTS python-pyasn1 0.1.7-1ubuntu2.1+esm1 Available with Ubuntu Pro python3-pyasn1 0.1.7-1ubuntu2.1+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8134-1

CVE-2026-23490, CVE-2026-30922

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8134-1

Topics%20covered

Topics Covered

security advisory denial of service security issue Ubuntu high pyasn1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here