CVE-2024-12133

Опубликовано: 10 фев. 2025

Источник: redhat

CVSS3: 5.3

Описание

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 10	libtasn1	Affected
Red Hat Enterprise Linux 6	libtasn1	Out of support scope
Red Hat Enterprise Linux 7	libtasn1	Out of support scope
Red Hat OpenShift Container Platform 4	rhcos	Fix deferred
Red Hat Enterprise Linux 8	libtasn1	Fixed	RHSA-2025:4049	23.04.2025
Red Hat Enterprise Linux 8	libtasn1	Fixed	RHSA-2025:4049	23.04.2025
Red Hat Enterprise Linux 9	libtasn1	Fixed	RHSA-2025:7077	13.05.2025
Red Hat Enterprise Linux 9	libtasn1	Fixed	RHSA-2025:7077	13.05.2025
Red Hat Enterprise Linux 9.4 Extended Update Support	libtasn1	Fixed	RHSA-2025:8021	20.05.2025
Red Hat Discovery 1.14	registry.redhat.io/discovery/discovery-server-rhel9	Fixed	RHSA-2025:8385	02.06.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-407

https://bugzilla.redhat.com/show_bug.cgi?id=2344611libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2024-12133

CVSS3: 5.3

ubuntu

6 месяцев назад

CVE-2024-12133

CVSS3: 5.3

nvd

6 месяцев назад

CVE-2024-12133

CVSS3: 5.3

msrc

5 месяцев назад

Описание отсутствует

CVE-2024-12133

CVSS3: 5.3

debian

6 месяцев назад

A flaw in libtasn1 causes inefficient handling of specific certificate ...

SUSE-SU-2025:0548-1

suse-cvrf

6 месяцев назад

Security update for libtasn1

5.3 Medium

CVSS3