ALT-PU-2023-1076-1

Package update libtasn1 in branch c9f2

Version4.14-alt1.c9f2.1

Task#313110

Published2023-01-18

Max severityCRITICAL

Severity:

Closed issues (2)

BDU:2022-06694

CRITICAL9.1

Уязвимость функции asn1_encode_simple_der() библиотеки Libtasn1, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании

Published: 2022-11-09Modified: 2026-01-20

CVSS 3.xCRITICAL 9.1

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CVSS 2.0CRITICAL 9.4

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C

References

CVE-2021-46848

CVE-2021-46848

CRITICAL9.1

GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.

Published: 2022-10-24Modified: 2025-05-07

CVSS 3.xCRITICAL 9.1

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References

https://bugs.gentoo.org/866237
https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5
https://gitlab.com/gnutls/libtasn1/-/issues/32
https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/
https://security.netapp.com/advisory/ntap-20221118-0006/
https://bugs.gentoo.org/866237
https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5
https://gitlab.com/gnutls/libtasn1/-/issues/32
https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/
https://security.netapp.com/advisory/ntap-20221118-0006/