Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-68121

Опубликовано: 05 фев. 2026
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 10

Описание

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.

РелизСтатусПримечание
devel

DNE

jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

needed

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

not-affected

code not present
esm-infra-legacy/xenial

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/xenial

not-affected

code not present
jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

not-affected

code not present

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps-legacy/xenial

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra/focal

not-affected

code not present
jammy

not-affected

code not present
noble

DNE

questing

DNE

resolute

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

not-affected

code not present
jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

not-affected

code not present

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needed

esm-apps/focal

needed

jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

jammy

needed

noble

DNE

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps-legacy/xenial

needed

esm-apps/bionic

needed

esm-apps/focal

needed

esm-apps/xenial

ignored

end of ESM support, was needed
jammy

needed

noble

DNE

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

needed

esm-apps/jammy

needed

jammy

needed

noble

DNE

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

needed

esm-apps/jammy

needed

esm-apps/noble

needed

jammy

needed

noble

needed

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

needed

esm-apps/jammy

needed

jammy

needed

noble

needed

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

needed

esm-apps/jammy

needed

esm-apps/noble

needed

esm-apps/resolute

needed

jammy

needed

noble

needed

questing

needed

resolute

needed

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

needed

esm-apps/jammy

needed

esm-apps/noble

needed

jammy

needed

noble

needed

questing

needed

resolute

needed

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

needed

jammy

DNE

noble

DNE

questing

needed

resolute

needed

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/xenial

not-affected

code not present
esm-infra/xenial

not-affected

code not present
jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

not-affected

code not present

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

not-affected

code not present
jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

not-affected

code not present

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

not-affected

code not present
jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 51%
0.00765
Низкий

10 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-68121

CVSS3: 7.4
redhat
5 месяцев назад

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.

nvd логотип

CVE-2025-68121

CVSS3: 10
nvd
5 месяцев назад

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.

msrc логотип

CVE-2025-68121

msrc
4 месяца назад

Unexpected session resumption in crypto/tls

debian логотип

CVE-2025-68121

CVSS3: 10
debian
5 месяцев назад

During session resumption in crypto/tls, if the underlying Config has ...

rocky логотип

RLSA-2026:3842

rocky
4 месяца назад

Moderate: delve security update

EPSS

Процентиль: 51%
0.00765
Низкий

10 Critical

CVSS3

Уязвимость CVE-2025-68121