Jump to:

CVE-2024-12133

Jump to:

CVE-2024-12133

Package libtasn1 updated to version 4.20.0-alt1 for branch sisyphus in task 374932.

Published: 2025-02-10
Modified: 2025-02-21

CVE-2024-12133

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.

References:

http://www.openwall.com/lists/oss-security/2025/02/06/6
https://access.redhat.com/security/cve/CVE-2024-12133
RHBZ#2344611
https://gitlab.com/gnutls/libtasn1/-/issues/52
https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html

Version: 2.1.0

Package libtasn1 update in sisyphus on 2025-02-15

ALT-PU-2025-2846-1

Closed vulnerabilities

CVE-2024-12133