CVE-2015-3622
Published: 1 May 2015
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.
Priority
Status
Package | Release | Status |
---|---|---|
libtasn1-3 Launchpad, Ubuntu, Debian |
precise |
Released
(2.10-1ubuntu1.4)
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
libtasn1-6 Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
trusty |
Released
(3.4-3ubuntu0.3)
|
|
upstream |
Released
(4.4-3)
|
|
utopic |
Released
(4.0-2ubuntu0.2)
|
|
vivid |
Released
(4.2-2ubuntu1.1)
|
|
Patches: upstream: http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=f979435823a02f842c41d49cd41cc81f25b5d677 |