CVE-2017-10790
Description
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.394
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Library to manage ASN.1 structures (USN-3309-1) libtasn1-6_3.4-3ubuntu0.6_i386.deb | Linux |
| Library to manage ASN.1 structures (USN-3309-1) libtasn1-6_3.4-3ubuntu0.6_amd64.deb | Linux |
| Library to manage ASN.1 structures (USN-3309-1) libtasn1-6_4.7-3ubuntu0.16.04.3_i386.deb | Linux |
| Library to manage ASN.1 structures (USN-3309-1) libtasn1-6_4.7-3ubuntu0.16.04.3_amd64.deb | Linux |
| Library to manage ASN.1 structures (USN-3547-1) libtasn1-6_3.4-3ubuntu0.6_amd64.deb | Linux |
| Library to manage ASN.1 structures (USN-3547-1) libtasn1-6_3.4-3ubuntu0.6_i386.deb | Linux |
| Library to manage ASN.1 structures (USN-3547-1) libtasn1-6_4.12-2.1ubuntu0.1_amd64.deb | Linux |
| Library to manage ASN.1 structures (USN-3547-1) libtasn1-6_4.12-2.1ubuntu0.1_i386.deb | Linux |
| Library to manage ASN.1 structures (USN-3547-1) libtasn1-6_4.7-3ubuntu0.16.04.3_amd64.deb | Linux |
| Library to manage ASN.1 structures (USN-3547-1) libtasn1-6_4.7-3ubuntu0.16.04.3_i386.deb | Linux |
| libtasn1-6 security update(DSA-4106-1) libtasn1-6_4.10-1.1+deb9u1_i386.deb | Linux |
| libtasn1-6 security update(DSA-4106-1) libtasn1-6_4.10-1.1+deb9u1_amd64.deb | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Desktop 12-SP3 ) gnutls-3.3.27-3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Desktop 12-SP3 ) gnutls-debuginfo-3.3.27-3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Desktop 12-SP3 ) gnutls-debugsource-3.3.27-3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Server 12-SP3 ) libgnutls-openssl27-3.3.27-3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Server 12-SP3 ) libgnutls-openssl27-debuginfo-3.3.27-3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Desktop 12-SP3 ) libgnutls28-3.3.27-3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Desktop 12-SP3 ) libgnutls28-32bit-3.3.27-3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Desktop 12-SP3 ) libgnutls28-debuginfo-3.3.27-3.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:2842-1(SUSE Linux Enterprise Desktop 12-SP3 ) libgnutls28-debuginfo-32bit-3.3.27-3.3.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234