Packages
- pyasn1 - ASN.1 library for Python
Details
It was discovered that pyasn1 could exhaust system resources when
attempting to decode a malformed certificate. An attacker could
possibly use this to cause a denial of service. (CVE-2026-23490)
Kevin Tu discovered that pyasn1 could exhaust system resources via
uncontrolled recursion when attempting to decode malicously-crafted
certificates. An attacker could possibly use this to cause a denial of
service. (CVE-2026-30922)
It was discovered that pyasn1 could exhaust system resources when
attempting to decode a malformed certificate. An attacker could
possibly use this to cause a denial of service. (CVE-2026-23490)
Kevin Tu discovered that pyasn1 could exhaust system resources via
uncontrolled recursion when attempting to decode malicously-crafted
certificates. An attacker could possibly use this to cause a denial of
service. (CVE-2026-30922)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 20.04 LTS focal | pypy-pyasn1 – 0.4.2-3ubuntu0.20.04.1~esm1 | ||
| python-pyasn1 – 0.4.2-3ubuntu0.20.04.1~esm1 | |||
| python3-pyasn1 – 0.4.2-3ubuntu0.20.04.1~esm1 | |||
| 18.04 LTS bionic | pypy-pyasn1 – 0.4.2-3ubuntu0.18.04.1~esm1 | ||
| python-pyasn1 – 0.4.2-3ubuntu0.18.04.1~esm1 | |||
| python3-pyasn1 – 0.4.2-3ubuntu0.18.04.1~esm1 | |||
| 16.04 LTS xenial | pypy-pyasn1 – 0.1.9-1ubuntu0.1~esm1 | ||
| python-pyasn1 – 0.1.9-1ubuntu0.1~esm1 | |||
| python3-pyasn1 – 0.1.9-1ubuntu0.1~esm1 | |||
| 14.04 LTS trusty | python-pyasn1 – 0.1.7-1ubuntu2.1+esm1 | ||
| python3-pyasn1 – 0.1.7-1ubuntu2.1+esm1 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.