CVE-2025-69277
📋 TL;DR
This vulnerability in libsodium's crypto_core_ed25519_is_valid_point function incorrectly validates elliptic curve points in certain custom cryptography scenarios, potentially allowing invalid points to be accepted as valid. This affects applications using libsodium for custom cryptographic implementations or processing untrusted data with this specific function. The impact is limited to specific use cases rather than default configurations.
💻 Affected Systems
- libsodium
- PyNaCl (Python binding)
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Cryptographic protocol failures leading to potential authentication bypass, data integrity compromise, or privilege escalation in systems relying on custom Ed25519 implementations with untrusted input.
Likely Case
Cryptographic validation errors in custom implementations causing application failures or unexpected behavior, but unlikely to lead to direct security breaches in standard configurations.
If Mitigated
Minimal impact as most applications use libsodium's standard APIs correctly and don't pass untrusted data to the low-level validation function.
🎯 Exploit Status
Exploitation requires specific knowledge of custom cryptographic implementations and access to pass malicious data to the vulnerable function. No public exploits have been reported.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: libsodium commit ad3004e (2025-12-30), PyNaCL commits 9631488 and ecf41f5
Vendor Advisory: https://00f.net/2025/12/30/libsodium-vulnerability/
Restart Required: Yes
Instructions:
1. Update libsodium to version including commit ad3004e or later. 2. For Python applications using PyNaCl, update to version including commits 9631488 and ecf41f5. 3. Rebuild and restart applications using the updated library.
🔧 Temporary Workarounds
Avoid custom crypto implementations
allEnsure applications use standard libsodium APIs rather than calling crypto_core_ed25519_is_valid_point directly with untrusted data.
🧯 If You Can't Patch
- Review code for direct calls to crypto_core_ed25519_is_valid_point with untrusted input and implement additional validation
- Isolate applications using custom cryptographic implementations from untrusted data sources
🔍 How to Verify
Check if Vulnerable:
Check libsodium version or commit hash. For libsodium: verify version predates commit ad3004e (2025-12-30). For PyNaCl: verify version predates commits 9631488 and ecf41f5.Check Version:
For libsodium: `sodium_version_string()` in code or check build metadata. For PyNaCl: `python -c "import nacl; print(nacl.__version__)"`Verify Fix Applied:
Confirm libsodium includes commit ad3004e or later, or PyNaCl includes commits 9631488 and ecf41f5. Test custom cryptographic implementations that use crypto_core_ed25519_is_valid_point.📡 Detection & Monitoring
Log Indicators:
- Unexpected cryptographic validation failures
- Application errors in custom crypto implementations
Network Indicators:
- Unusual patterns in cryptographic protocol communications
SIEM Query:
Search for application logs containing errors related to cryptographic validation or libsodium function failures🔗 References
- https://00f.net/2025/12/30/libsodium-vulnerability/
- https://github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1bae
- https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7
- https://github.com/pyca/pynacl/commit/ecf41f55a3d8f1e10ce89c61c4b4d67f3f4467cf
- https://github.com/pyca/pynacl/issues/920
- https://ianix.com/pub/ed25519-deployment.html
- https://news.ycombinator.com/item?id=46435614
- https://lists.debian.org/debian-lts-announce/2026/01/msg00004.html
