Описание
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
Ссылки
- http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?id=c593ae84cfcde8fea45787e53950e0ac71e9ca97PatchVendor Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?id=c593ae84cfcde8fea45787e53950e0ac71e9ca97PatchVendor Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.12 (включая)
cpe:2.3:a:gnu:libtasn1:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01584
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-674
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 8 лет назад
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
CVSS3: 7.5
redhat
около 8 лет назад
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
CVSS3: 7.5
debian
около 8 лет назад
An issue was discovered in the _asn1_decode_simple_ber function in dec ...
EPSS
Процентиль: 81%
0.01584
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-674