cve 2025 68973

CVE-2025-68973 is a vulnerability in GnuPG's ASCII-armor parser that can cause an out-of-bounds write leading to memory corruption when processing crafted input. The upstream GnuPG project has issued a targeted code fix, and downstream distributions are working to roll the patch into their packages. GnuPG is a widely used tool for OpenPGP encryption and signing on Unix-like systems, making this security issue relevant to users who rely on cryptographic operations. The tag covers discussion of the vulnerability details, the fix, and the patch rollout process across various Linux distributions.