CVE-2017-10790

The asn1checkidentifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1node structure. It may lead to a remote denial of service attack.

References

Affected packages

Git / gitlab.com/gnutls/libtasn1

Affected ranges

Type

GIT

Repo

https://gitlab.com/gnutls/libtasn1

Events

Introduced

Last affected

4bc67882e72929732b1d9cccc73e606f3a44f542

Database specific

{
    "cpe": "cpe:2.3:a:gnu:libtasn1:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.12"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

Other

gnutls_0_5_0

gnutls_0_5_1

libasn1_0_1_0

libtasn1-0-3-2

libtasn1_0_1_2

libtasn1_0_2_0

libtasn1_0_2_1

libtasn1_0_2_10

libtasn1_0_2_11

libtasn1_0_2_12

libtasn1_0_2_13

libtasn1_0_2_14

libtasn1_0_2_15

libtasn1_0_2_16

libtasn1_0_2_17

libtasn1_0_2_18

libtasn1_0_2_2

libtasn1_0_2_3

libtasn1_0_2_4

libtasn1_0_2_5

libtasn1_0_2_6

libtasn1_0_2_7

libtasn1_0_2_8

libtasn1_0_2_9

libtasn1_0_3_0

libtasn1_0_3_1

libtasn1_0_3_10

libtasn1_0_3_2

libtasn1_0_3_3

libtasn1_0_3_4

libtasn1_0_3_5

libtasn1_0_3_6

libtasn1_0_3_7

libtasn1_0_3_8

libtasn1_0_3_9

libtasn1_1_0

libtasn1_1_1

libtasn1_1_2

libtasn1_1_3

libtasn1_1_4

libtasn1_1_5

libtasn1_1_6

libtasn1_2_0

libtasn1_2_1

libtasn1_2_10

libtasn1_2_11

libtasn1_2_12

libtasn1_2_13

libtasn1_2_2

libtasn1_2_3

libtasn1_2_4

libtasn1_2_5

libtasn1_2_6

libtasn1_2_7

libtasn1_2_8

libtasn1_2_9

libtasn1_3_0

libtasn1_3_1

libtasn1_3_2

libtasn1_3_3

libtasn1_3_4

libtasn1_3_5

libtasn1_3_6

libtasn1_4_0

libtasn1_4_1

libtasn1_4_11

libtasn1_4_12

libtasn1_4_2

libtasn1_4_3

libtasn1_4_4

libtasn1_4_5

libtasn1_4_6

libtasn1_4_8

libtasn1_4_9

libtasn1_after_rename

libtasn1_4.*

libtasn1_4.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10790.json"