Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 615
Alerts This Week
Warning Icon 1 615

Ubuntu 20.04 LTS Pyasn1 High Risk DoS Vulnerabilities USN-8134-1

ubuntu
Calendar Grey March 31, 2026
Dist Ubuntu Esm H88
Several security issues fixed in pyasn1 for Ubuntu. Immediate update required to mitigate potential DoS attacks.
Several security issues were fixed in pyasn1.

Summary

Several security issues were fixed in pyasn1.

Software Description:

- pyasn1: ASN.1 library for Python

Details:

It was discovered that pyasn1 could exhaust system resources when

attempting to decode a malformed certificate. An attacker could

possibly use this to cause a denial of service. (CVE-2026-23490)

Kevin Tu discovered that pyasn1 could exhaust system resources via

uncontrolled recursion when attempting to decode malicously-crafted

certificates. An attacker could possibly use this to cause a denial of

service. (CVE-2026-30922)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  pypy-pyasn1                     0.4.2-3ubuntu0.20.04.1~esm1
                                  Available with Ubuntu Pro
  python-pyasn1                   0.4.2-3ubuntu0.20.04.1~esm1
                                  Available with Ubuntu Pro
  python3-pyasn1                  0.4.2-3ubuntu0.20.04.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  pypy-pyasn1                     0.4.2-3ubuntu0.18.04.1~esm1
                                  Available with Ubuntu Pro
  python-pyasn1                   0.4.2-3ubuntu0.18.04.1~esm1
                                  Available with Ubuntu Pro
  python3-pyasn1                  0.4.2-3ubuntu0.18.04.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  pypy-pyasn1                     0.1.9-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  python-pyasn1                   0.1.9-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  python3-pyasn1                  0.1.9-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  python-pyasn1                   0.1.7-1ubuntu2.1+esm1
                                  Available with Ubuntu Pro
  python3-pyasn1                  0.1.7-1ubuntu2.1+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8134-1

CVE-2026-23490, CVE-2026-30922

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8134-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.