CVE-2025-67897 is a vulnerability identified in the sequoia-pgp cryptographic library, specifically affecting versions prior to 2.1.0. The root cause is a signed to unsigned conversion error (CWE-195) in the aes_key_unwrap function, which is responsible for decrypting wrapped AES keys within encrypted messages. When this function receives a ciphertext that is shorter than expected, it triggers a panic due to improper handling of the length parameter, which is interpreted incorrectly because of the signed to unsigned conversion issue. An attacker can exploit this by crafting a malicious encrypted message containing a malformed PKESK (Public-Key Encrypted Session Key) or SKESK (Symmetric-Key Encrypted Session Key) packet that is too short. Upon processing this message, the vulnerable application crashes, resulting in a denial of service. The attack vector is remote and requires no privileges but does require user interaction, as the victim must process the malicious encrypted message. The attack complexity is high because the attacker must craft a valid encrypted message that triggers the flaw without breaking cryptographic constraints. The vulnerability does not expose confidential data or allow integrity violations but impacts availability by causing application crashes. No patches or exploits are currently publicly available, but the issue is documented and assigned CVE-2025-67897 with a CVSS v3.1 base score of 5.3, reflecting medium severity. The vulnerability highlights the importance of robust input validation and error handling in cryptographic libraries to prevent denial of service conditions.

For European organizations, the primary impact of CVE-2025-67897 is denial of service through application crashes when processing malicious encrypted messages. Organizations relying on sequoia-pgp for secure email, file encryption, or cryptographic operations may experience service interruptions, potentially affecting business continuity and user trust. Although no confidentiality or integrity breach occurs, repeated or targeted exploitation could disrupt secure communications or automated cryptographic workflows. This is particularly relevant for sectors with high dependence on encryption such as finance, government, healthcare, and critical infrastructure. The requirement for user interaction limits mass exploitation but targeted spear-phishing or malicious message injection could be effective. The medium severity score reflects moderate risk, but organizations with high availability requirements should prioritize mitigation. Additionally, the lack of known exploits in the wild reduces immediate risk but does not preclude future attacks once exploit techniques become public. European entities must assess their use of sequoia-pgp and related software to understand exposure and potential operational impacts.

1. Upgrade sequoia-pgp to version 2.1.0 or later as soon as the patch is released to ensure the vulnerability is fixed. 2. Until patching is possible, implement strict input validation on encrypted messages to detect and reject malformed PKESK or SKESK packets that are shorter than expected. 3. Enhance error handling in applications using sequoia-pgp to gracefully handle unexpected input without panicking or crashing, possibly by catching exceptions or using safe wrappers around cryptographic calls. 4. Employ network-level filtering or email gateway protections to detect and block suspicious encrypted messages that could exploit this vulnerability. 5. Educate users about the risks of processing unexpected encrypted messages, especially from unknown or untrusted sources, to reduce the likelihood of user interaction with malicious content. 6. Monitor application logs for crashes or unusual behavior related to encrypted message processing to detect potential exploitation attempts. 7. Coordinate with software vendors and open-source communities to stay informed about patches and advisories related to sequoia-pgp.