CVE-2014-3468 — Incorrect Calculation of Buffer Size in Libtasn1

CWE-131 — Incorrect Calculation of Buffer Size CWE-392 — Missing Report of Error Condition CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer12 documents8 sources

Severity

7.5HIGHNVD

EPSS

10.7%

top 6.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Gnutls GNU Libtasn1 F5 ARX Firmware +12 more

Timeline

PublishedJun 5

Latest updateMay 13

Description

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages11 packages

▶NVDgnu/libtasn1< 3.6

▶NVDgnu/gnutls< 3.5.7

▶NVDf5/arx_firmware6.0.0 — 6.4.0

▶NVDredhat/virtualization6.0

▶NVDsuse/linux_enterprise_server11

Also affects: Debian Linux 7.0, Enterprise Linux 6.5, 7.3, 7.4, 7.5, 7.6, 7.7

Patches

Patch: git.savannah.gnu.org ↗Patch: lists.gnu.org ↗Patch: git.savannah.gnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-qg3j-x87h-jwjm: The asn1_get_bit_der function in GNU Libtasn1 before 3↗2022-05-13

▶

OSV

libtasn1-3, libtasn1-6 vulnerabilities↗2014-07-22

▶

OSV

CVE-2014-3468: The asn1_get_bit_der function in GNU Libtasn1 before 3↗2014-06-05

▶

CVEList

CVE-2014-3468: The asn1_get_bit_der function in GNU Libtasn1 before 3↗2014-06-05

▶

📋Vendor Advisories

Ubuntu

Libtasn1 vulnerabilities↗2014-07-22

▶

Red Hat

libtasn1: asn1_get_bit_der() can return negative bit length↗2014-05-25

▶

Debian

CVE-2014-3468: libtasn1-6 - The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly repor...↗2014

▶

💬Community

Bugzilla

CVE-2014-3467 CVE-2014-3469 CVE-2014-3468 libtasn1: various flaws [fedora-all]↗2014-05-30

▶

Bugzilla

CVE-2014-3467 CVE-2014-3469 CVE-2014-3468 mingw32-gnutls: various flaws [epel-5]↗2014-05-30

▶

Bugzilla

CVE-2014-3467 CVE-2014-3469 CVE-2014-3468 mingw-libtasn1: various flaws [fedora-all]↗2014-05-30

▶

Bugzilla

CVE-2014-3468 libtasn1: asn1_get_bit_der() can return negative bit length↗2014-05-28

▶