The asn1getbit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libtasn1-6": "3.4-3ubuntu0.1", "libtasn1-6-dbg": "3.4-3ubuntu0.1", "libtasn1-6-dev": "3.4-3ubuntu0.1", "libtasn1-3-dev": "3.4-3ubuntu0.1", "libtasn1-bin": "3.4-3ubuntu0.1", "libtasn1-3-bin": "3.4-3ubuntu0.1" } ] }