Python-Apt NULL Deref in TagSection.keys() via Malformed deb822 Key (DoS)
CVE-2025-6966 Published on December 5, 2025
Null-pointer dereference in python-apt TagSection.keys()
NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
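A defensive pre-check for services that feed untrusted deb822 data to python-apt, as an added example that is not code from python-apt or from this advisory. It deliberately goes beyond the non-UTF-8 case and rejects any field name outside the Debian Policy 5.1 character set; `audit_deb822_keys`, `is_safe_to_parse` and the sample bytes are hypothetical names and constructed data.

```python
import re

# Debian Policy 5.1: field names are printable US-ASCII without space or
# colon, and must not start with '#' or '-'.
POLICY_KEY = re.compile(rb"[!-9;-~]+")

def audit_deb822_keys(data: bytes):
    """Return (line_no, raw_key, reason) for every suspicious field name."""
    findings = []
    for line_no, line in enumerate(data.splitlines(), start=1):
        # Skip paragraph separators, comments and continuation lines.
        if not line.strip() or line[:1] in (b"#", b" ", b"\t"):
            continue
        key, sep, _value = line.partition(b":")
        if not sep:
            findings.append((line_no, line, "no colon in field line"))
            continue
        try:
            key.decode("utf-8")
        except UnicodeDecodeError:
            # The input class named in the CVE description.
            findings.append((line_no, key, "key is not valid UTF-8"))
            continue
        if not POLICY_KEY.fullmatch(key) or key[:1] == b"-":
            findings.append((line_no, key, "key violates Debian Policy 5.1"))
    return findings

def is_safe_to_parse(data: bytes) -> bool:
    """Gate to run before handing untrusted data to a python-apt consumer."""
    return not audit_deb822_keys(data)

# Constructed sample input: the second paragraph has a 0xff byte in a key.
SAMPLE = (
    b"Package: hello\n"
    b"Version: 2.10-3\n"
    b"Description: example\n"
    b" continuation line with a colon: ignored\n"
    b"\n"
    b"Pack\xffage: broken\n"
    b"Version: 1.0\n"
)

if __name__ == "__main__":
    for line_no, key, reason in audit_deb822_keys(SAMPLE):
        print(f"line {line_no}: {key!r}: {reason}")
```

The check works on raw bytes so that it never depends on the parser under test; it complements, and does not replace, installing a fixed package version.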
Weakness Type
NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid but that is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions and simple programming omissions.
Affected Versions
Canonical python-apt:
- Version 3.0 and below 3.0.0ubuntu1.1 is affected.
- Version 3.0 and below 3.0.0ubuntu0.25.04.1 is affected.
- Version 2.7 and below 2.7.7ubuntu5.1 is affected.
- Version 2.4 and below 2.4.0ubuntu4.1 is affected.
- Version 2.0 and below 2.0.1ubuntu0.20.04.1+esm1 is affected.
- Version 1.6 and below 1.6.6ubuntu0.1~esm1 is affected.
- Version 1.1 and below 1.1.0~beta1ubuntu0.16.04.12+esm1 is affected.
- Before 0.9.3.5ubuntu3+esm5 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.