FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libtasn1 -- ASN.1 length decoding vulnerability

Affected packages
libtasn1 < 2.12
gnutls < 2.12.18
2.99 < gnutls-devel < 3.0.16


VuXML ID 2e7e9072-73a0-11e1-a883-001cc0a36e12
Discovery 2012-03-20
Entry 2012-03-21
Modified 2012-03-24

Mu Dynamics, Inc. reports:

Various functions using the ASN.1 length decoding logic in Libtasn1 were incorrectly assuming that the return value from asn1_get_length_der is always less than the length of the enclosing ASN.1 structure, which is only true for valid structures and not for intentionally corrupt or otherwise buggy structures.


CVE Name CVE-2012-1569