Bug 2407251 (CVE-2025-58185)

Summary: CVE-2025-58185 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
Keywords: Security
Hardware: All
OS: Linux
Doc Text:
A memory exhaustion flaw has been discovered in the Go encoding/asn1 package. Within parseSequenceOf, reflect.MakeSlice is used to pre-allocate a slice that is needed in order to fully validate the given DER payload. The allocated slice is also multiple times larger than the input DER. As a result, a malicious actor can craft a large, empty DER payload that triggers an unnecessarily large memory allocation, which can lead to memory exhaustion.

Description OSIDB Bzimport 2025-10-29 23:01:49 UTC
Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion.
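
One defensive pre-check for the allocation behaviour described in the Doc Text, as an added example (not code from the Go project or from this bug): it counts the elements of the top-level SEQUENCE without allocating per element, so a caller can reject an oversized payload before passing it to asn1.Unmarshal. The helper names, the element caps and the sample bytes are assumptions constructed for illustration.

```go
package main

import "fmt"

var errMalformed = fmt.Errorf("malformed DER")

// readHeader parses the tag+length header at the start of b and returns the
// header size and content length; high-tag and indefinite forms are rejected.
func readHeader(b []byte) (hdr, length int, err error) {
	if len(b) < 2 || b[0]&0x1f == 0x1f || b[1] == 0x80 || b[1] > 0x84 {
		return 0, 0, errMalformed
	}
	hdr, length = 2, int(b[1])
	if b[1] > 0x80 { // long form: low 7 bits give the number of length bytes
		hdr, length = 2+int(b[1]&0x7f), 0
		for i := 2; i < hdr && i < len(b); i++ {
			length = length<<8 | int(b[i])
		}
	}
	if hdr > len(b) || length < 0 || length > len(b)-hdr {
		return 0, 0, errMalformed
	}
	return hdr, length, nil
}

// CountSequenceElements (hypothetical helper) counts the children of the outer
// SEQUENCE in der and fails as soon as a child beyond maxElems is seen.
func CountSequenceElements(der []byte, maxElems int) (count int, err error) {
	hdr, length, err := readHeader(der)
	if err != nil || der[0] != 0x30 {
		return 0, errMalformed
	}
	for body := der[hdr : hdr+length]; len(body) > 0; count++ {
		h, l, err := readHeader(body)
		if err != nil {
			return count, err
		}
		if count == maxElems {
			return count, fmt.Errorf("more than %d elements", maxElems)
		}
		body = body[h+l:]
	}
	return count, nil
}

func main() {
	sample := []byte{0x30, 0x06, 0x30, 0x00, 0x30, 0x00, 0x30, 0x00} // constructed: 3 empty SEQUENCEs
	fmt.Println(CountSequenceElements(sample, 2))
	fmt.Println(CountSequenceElements(sample, 1000))
}
```

The check covers only the outermost SEQUENCE; a SEQUENCE OF nested inside an element is not counted, so pair it with a limit on total input size.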