Bug 2342464 (CVE-2025-22865) - CVE-2025-22865 crypto/x509: ParsePKCS1PrivateKey panic with partial keys in crypto/x509
Summary: CVE-2025-22865 crypto/x509: ParsePKCS1PrivateKey panic with partial keys in c...
Keywords:
Status: NEW
Alias: CVE-2025-22865
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2342743 2342744 2342745 2350501 2342736 2342737 2342738 2342741 2342742
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-01-28 02:01 UTC by OSIDB Bzimport
Modified: 2025-06-17 08:27 UTC (History)
117 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-01-28 02:01:18 UTC 
Using ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key is well formed.
Note You need to log in before you can comment on or make changes to this bug.