
CVE-2025-13470

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array.

Any data encrypted using public-key encryption in this release can be decrypted trivially by supplying an all-zero session key, fully compromising confidentiality.

The vulnerability affects only public-key encryption (PKESK packets). Passphrase-based encryption (SKESK packets) is not affected.

Root cause: Vulnerable session key buffer used in PKESK packet generation.

The defect was introduced in commit 7bd9a8dc356aae756b40755be76d36205b6b161a, where the initialization logic inside encrypted_build_skesk() randomized the key only on the SKESK path and omitted it on the PKESK path.
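The following C program is an added illustration of the defect pattern described above and of the one-line fix; it is not RNP's code, and every function name in it (build_session_key_vulnerable, build_session_key_fixed, session_key_is_all_zero and the small wrappers) is hypothetical. It models a session key buffer that is zeroed and then randomized only on the passphrase (SKESK) branch, so the public-key (PKESK) branch emits an all-zero key, beside the corrected version that randomizes unconditionally. It also shows the kind of sanity check a caller can apply before using a freshly built session key, which would have caught this regression at runtime.

```c
/* Added illustration of CVE-2025-13470's defect pattern; not RNP's code.
 * All identifiers below are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SESSION_KEY_LEN 32  /* e.g. a 256-bit symmetric session key */

enum esk_kind { ESK_SKESK, ESK_PKESK };

/* Fill buf with len bytes from the OS CSPRNG (assumes /dev/urandom). */
static bool fill_random(uint8_t *buf, size_t len) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return false;
    size_t got = fread(buf, 1, len, f);
    fclose(f);
    return got == len;
}

/* Vulnerable pattern: the key is zeroed, then randomized only when building
 * an SKESK. The PKESK branch never touches it, so it stays all zero. */
bool build_session_key_vulnerable(enum esk_kind kind, uint8_t key[SESSION_KEY_LEN]) {
    memset(key, 0, SESSION_KEY_LEN);
    if (kind == ESK_SKESK) {
        return fill_random(key, SESSION_KEY_LEN);
    }
    return true;  /* PKESK: "success" with an all-zero key */
}

/* Fixed pattern: randomize before any branch on the packet kind, and treat a
 * CSPRNG failure as an error rather than silently keeping a zeroed buffer. */
bool build_session_key_fixed(enum esk_kind kind, uint8_t key[SESSION_KEY_LEN]) {
    (void)kind;
    memset(key, 0, SESSION_KEY_LEN);
    return fill_random(key, SESSION_KEY_LEN);
}

/* Defensive check a caller can run before wrapping the key into any ESK
 * packet: an all-zero key is never acceptable. */
bool session_key_is_all_zero(const uint8_t *key, size_t len) {
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++) acc |= key[i];
    return acc == 0;
}

/* Wrappers that build a key on a given path and report the check's verdict. */
bool vulnerable_pkesk_key_is_zero(void) {
    uint8_t key[SESSION_KEY_LEN];
    if (!build_session_key_vulnerable(ESK_PKESK, key)) return true;
    return session_key_is_all_zero(key, SESSION_KEY_LEN);
}

bool vulnerable_skesk_key_is_zero(void) {
    uint8_t key[SESSION_KEY_LEN];
    if (!build_session_key_vulnerable(ESK_SKESK, key)) return true;
    return session_key_is_all_zero(key, SESSION_KEY_LEN);
}

bool fixed_pkesk_key_is_zero(void) {
    uint8_t key[SESSION_KEY_LEN];
    if (!build_session_key_fixed(ESK_PKESK, key)) return true;
    return session_key_is_all_zero(key, SESSION_KEY_LEN);
}

/* The check must flag a constructed zero buffer and accept one nonzero byte. */
bool zero_check_behaves(void) {
    uint8_t buf[SESSION_KEY_LEN] = {0};  /* constructed sample input */
    if (!session_key_is_all_zero(buf, SESSION_KEY_LEN)) return false;
    buf[SESSION_KEY_LEN - 1] = 0x01;
    return !session_key_is_all_zero(buf, SESSION_KEY_LEN);
}

int main(void) {
    printf("vulnerable PKESK key all zero: %s\n", vulnerable_pkesk_key_is_zero() ? "yes" : "no");
    printf("vulnerable SKESK key all zero: %s\n", vulnerable_skesk_key_is_zero() ? "yes" : "no");
    printf("fixed PKESK key all zero:      %s\n", fixed_pkesk_key_is_zero() ? "yes" : "no");
    return 0;
}
```

The vulnerable builder reports success on the PKESK path while handing back 32 zero bytes, which is exactly the condition the advisory describes; the fixed builder cannot return success without the CSPRNG having written the buffer. Keeping session_key_is_all_zero() as a precondition at the point where the key is consumed (rather than trusting the builder) is the cheap mitigation that survives future refactorings of the builder.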

Package Versions Affected

No items found.

CVSS

Severity: High
Base Score: 7.7
CVSS Version: 4.0
Score Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:H/U:Red


References

https://access.redhat.com/security/cve/cve-2025-13402
https://aur.archlinux.org/packages/rnp
https://github.com/rnpgp/rnp/releases/tag/v0.18.1
https://launchpad.net/ubuntu/+source/rnp
https://packages.gentoo.org/packages/dev-util/librnp
https://open.ribose.com/advisories/ra-2025-11-20/
https://bugzilla.redhat.com/show_bug.cgi?id=2415863
https://github.com/rnpgp/rnp/commit/7bd9a8dc356aae756b40755be76d36205b6b161a


Basic Information

Ecosystem: -
Base CVSS: 0
EPSS Probability: 0.00028%
EPSS Percentile: 0.0749%
Introduced Version: 0
Fix Available: aad1892e4d8423398a0b973bd0a7e4544c359afc
