🕵️ GNU Libtasn1 3.0 up to 3.5 lib/decoding.c null pointer dereference
Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com
A vulnerability, which was classified as critical, was found in GNU Libtasn1 3.0 up to 3.5. This affects the function asn1_get_tag_der/_asn1_get_indefinite_length_string/asn1_der_decoding/asn1_der_decoding_startEnd/_asn1_extract_tag_der/_asn1_get_octet_string/_asn1_extract_der_octet/_asn1_get_time_der
in the library lib/decoding.c. Upgrading to version 3.6 eliminates this vulnerability. The upgrade is hosted for download at ftp.gnu.org. Applying a patch is able to eliminate this problem. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published immediately after the disclosure of the vulnerability. ...