CVE-2025-6966

NULL pointer dereference in TagSection.keys() in python-apt on APT-based 
Linux systems allows a local attacker to cause a denial of service 
(process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
canonicalCNA
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
python-apt
bullseye
vulnerable
bookworm
vulnerable
forky
vulnerable
sid
vulnerable
trixie
vulnerable
Common Weakness Enumeration
References
https://bugs.launchpad.net/ubuntu/+source/python-apt/+bug/2091865