[arch-security] [ASA-201505-5] libtasn1: arbitrary code execution
anthraxx at archlinux.org
Fri May 8 14:20:22 UTC 2015
Arch Linux Security Advisory ASA-201505-5
Date : 2015-05-08
CVE-ID : CVE-2015-3622
Package : libtasn1
Type : arbitrary code execution
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
The package libtasn1 before version 4.5-1 is vulnerable to arbitrary
Upgrade to 4.5-1.
# pacman -Syu "libtasn1>=4.5-1"
The problem has been fixed upstream in version 4.5.
A heap-based buffer overflow flaw was found in the way the libtasn1
library decoded certain DER-encoded input. A specially crafted,
DER-encoded input could cause an application using libtasn1 to perform
an invalid read, causing the application to crash or, possibly, execute
The heap overflow happens in the function _asn1_extract_der_octet() that
is called during decoding of DER-encoded input.
A remote attacker is able to use a specially crafted certificate that is
leading to arbitrary code execution during decoding.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the arch-security