CVE-2016-4008 (retired)

Priority
Description
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1
before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows
remote attackers to cause a denial of service (infinite recursion) via a
crafted certificate.
Assigned-to
mdeslaur
Package
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):released (2.10-1ubuntu1.5)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-03-26 12:20:33 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)