Описание
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | released | 2.10-1ubuntu1.5 |
| precise/esm | not-affected | 2.10-1ubuntu1.5 |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needed | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.8-1 |
| esm-infra-legacy/trusty | released | 3.4-3ubuntu0.4 |
| esm-infra/xenial | released | 4.7-3ubuntu0.16.04.1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | released | 3.4-3ubuntu0.4 |
| trusty/esm | released | 3.4-3ubuntu0.4 |
| upstream | released | 4.8 |
| vivid/stable-phone-overlay | ignored | end of life, was pending |
| vivid/ubuntu-core | released | 4.2-2ubuntu1.2 |
Показывать по
4.3 Medium
CVSS2
5.9 Medium
CVSS3
Связанные уязвимости
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 ...
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
4.3 Medium
CVSS2
5.9 Medium
CVSS3