Project

General

Profile

Bug #7326

libtasn1: asn1_find_node() based stackoverflow (CVE-2017-6891)

Added by Alicha CH almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
-
Start date:
05/25/2017
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based
buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.

References:

https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/
https://nvd.nist.gov/vuln/detail/CVE-2017-6891

Patch:

http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=5520704d075802df25ce4ffccc010ba1641bd484


Subtasks

Bug #7327: [3.7] libtasn1: asn1_find_node() based stackoverflow (CVE-2017-6891)ClosedFrancesco Colista

Bug #7328: [3.6] libtasn1: asn1_find_node() based stackoverflow (CVE-2017-6891)ClosedFrancesco Colista

Bug #7329: [3.5] libtasn1: asn1_find_node() based stackoverflow (CVE-2017-6891)ClosedFrancesco Colista

Bug #7330: [3.4] libtasn1: asn1_find_node() based stackoverflow (CVE-2017-6891)ClosedFrancesco Colista

Bug #7331: [3.3] libtasn1: asn1_find_node() based stackoverflow (CVE-2017-6891)ClosedFrancesco Colista

History

#1 Updated by Francesco Colista almost 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from New to Closed
  • Assignee changed from Natanael Copa to Francesco Colista

Also available in: Atom PDF