CVE-2012-1569

critical

Description

The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.

References

https://bugzilla.redhat.com/show_bug.cgi?id=804920

http://www.ubuntu.com/usn/USN-1436-1

http://www.securitytracker.com/id?1026829

http://www.openwall.com/lists/oss-security/2012/03/21/5

http://www.openwall.com/lists/oss-security/2012/03/20/8

http://www.openwall.com/lists/oss-security/2012/03/20/3

http://www.mandriva.com/security/advisories?name=MDVSA-2012:039

http://www.gnu.org/software/gnutls/security.html

http://www.debian.org/security/2012/dsa-2440

http://secunia.com/advisories/57260

http://secunia.com/advisories/50739

http://secunia.com/advisories/49002

http://secunia.com/advisories/48596

http://secunia.com/advisories/48578

http://secunia.com/advisories/48505

http://secunia.com/advisories/48488

http://secunia.com/advisories/48397

http://rhn.redhat.com/errata/RHSA-2012-0531.html

http://rhn.redhat.com/errata/RHSA-2012-0488.html

http://rhn.redhat.com/errata/RHSA-2012-0427.html

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076699.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078207.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077339.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077284.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076865.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html

http://linux.oracle.com/errata/ELSA-2014-0596.html

http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54

http://article.gmane.org/gmane.comp.gnu.libtasn1.general/53

http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932

http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html

Details

Source: Mitre, NVD

Published: 2012-03-26

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical