CVE-2016-4008 (retired)

Priority
Description
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1
before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows
remote attackers to cause a denial of service (infinite recursion) via a
crafted certificate.
Assigned-to
mdeslaur
Notes
Package
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):released (2.10-1ubuntu1.5)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-10-09 07:56:18 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)