{
  "threat_severity" : "Moderate",
  "public_date" : "2025-12-31T01:15:36Z",
  "bugzilla" : {
    "description" : "cbor2: cbor2: Information Disclosure via shared memory in CBORDecoder reuse",
    "id" : "2426395",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2426395"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.3",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-212",
  "details" : [ "cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory and can be accessed by subsequent CBOR messages using the sharedref tag (29). This allows an attacker-controlled message to read data from previously decoded messages if the decoder is reused across trust boundaries. Version 5.8.0 patches the issue.", "A flaw was found in cbor2. When a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory for the lifetime of that decoder instance. This allows an attacker-controlled message to read sensitive data from previously decoded messages if the decoder is reused across trust boundaries, leading to information disclosure." ],
  "statement" : "This vulnerability is rated Moderate for Red Hat products. The flaw in cbor2 allows information disclosure if a CBORDecoder instance is reused across trust boundaries. This could lead to an attacker-controlled message reading sensitive data from previously decoded messages. This affects Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI when processing untrusted CBOR data with a reused decoder.",
  "affected_release" : [ {
    "product_name" : "Red Hat AI Inference Server 3.2",
    "release_date" : "2026-03-25T00:00:00Z",
    "advisory" : "RHSA-2026:5809",
    "cpe" : "cpe:/a:redhat:ai_inference_server:3.2::el9",
    "package" : "rhaiis/vllm-cuda-rhel9:1774351144"
  }, {
    "product_name" : "Red Hat AI Inference Server 3.2",
    "release_date" : "2026-04-07T00:00:00Z",
    "advisory" : "RHSA-2026:6761",
    "cpe" : "cpe:/a:redhat:ai_inference_server:3.2::el9",
    "package" : "rhaiis/model-opt-cuda-rhel9:1774547384"
  }, {
    "product_name" : "Red Hat AI Inference Server 3.2",
    "release_date" : "2026-04-07T00:00:00Z",
    "advisory" : "RHSA-2026:6762",
    "cpe" : "cpe:/a:redhat:ai_inference_server:3.2::el9",
    "package" : "rhaiis/vllm-rocm-rhel9:1775252598"
  }, {
    "product_name" : "Red Hat OpenShift AI 2.25",
    "release_date" : "2026-04-23T00:00:00Z",
    "advisory" : "RHSA-2026:10184",
    "cpe" : "cpe:/a:redhat:openshift_ai:2.25::el9",
    "package" : "rhoai/odh-vllm-cpu-rhel9:1776259063"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat AI Inference Server",
    "fix_state" : "Affected",
    "package_name" : "rhaiis/vllm-spyre-rhel9",
    "cpe" : "cpe:/a:redhat:ai_inference_server:3"
  }, {
    "product_name" : "Red Hat AI Inference Server",
    "fix_state" : "Affected",
    "package_name" : "rhaiis/vllm-tpu-rhel9",
    "cpe" : "cpe:/a:redhat:ai_inference_server:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Out of support scope",
    "package_name" : "rhelai3/bootc-aws-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Out of support scope",
    "package_name" : "rhelai3/bootc-azure-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Out of support scope",
    "package_name" : "rhelai3/bootc-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Out of support scope",
    "package_name" : "rhelai3/bootc-gcp-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Fix deferred",
    "package_name" : "rhoai/odh-vllm-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Fix deferred",
    "package_name" : "rhoai/odh-vllm-rocm-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-68131\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-68131\nhttps://github.com/agronholm/cbor2/pull/268\nhttps://github.com/agronholm/cbor2/security/advisories/GHSA-wcj4-jw5j-44wh" ],
  "name" : "CVE-2025-68131",
  "mitigation" : {
    "value" : "The recommended fix is to upgrade to cbor2 5.8.0 or later, which patches the issue. Until that is possible, applications utilizing the `cbor2` library should avoid reusing `CBORDecoder` instances when processing data from different trust levels: construct a fresh `CBORDecoder` for each message (or at least for each trust domain) and discard it afterwards, since values marked with the shareable tag (28) remain reachable for the lifetime of the decoder instance. If `CBORDecoder` reuse is unavoidable, ensure that sensitive data is never processed by a decoder instance that will subsequently handle untrusted input. This operational control limits what a crafted message using the sharedref tag (29) can reach, but it does not address the underlying flaw; upgrading remains the only complete fix.",
    "lang" : "en:us"
  },
  "csaw" : false
}