CVE-2018-6003
published 2018-01-22CVE-2018-6003: An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to…
PriorityP339high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
2.84%
84.9th percentile
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | libtasn1-6 | < libtasn1-6 4.13-2 (bookworm) | libtasn1-6 4.13-2 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| gnu | libtasn1 | <= 4.12 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Libtasn1 vulnerabilities
vendor_ubuntu·2018-01-25·CVSS 7.5
CVE-2017-10790 [HIGH] Libtasn1 vulnerabilities
Title: Libtasn1 vulnerabilities
Summary: Several security issues were fixed in Libtasn1.
It was discovered that Libtasn1 incorrectly handled certain files.
If a user were tricked into opening a crafted file, an attacker could possibly
use this to cause a denial of service. This issue only affected Ubuntu 14.04
LTS and Ubuntu 16.04 LTS. (CVE-2017-10790)
It was discovered that Libtasn1 incorrectly handled certain inputs.
An attacker could possibly use this to cause Libtasn1 to hang, resulting
in a denial of service. This issue only affected Ubuntu 16.04 LTS and
Ubuntu 17.10. (CVE-2018-6003)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
libtasn1: Stack exhaustion due to indefinite recursion during BER decoding
vendor_redhat·2018-01-04·CVSS 7.5
CVE-2018-6003 [HIGH] CWE-674 libtasn1: Stack exhaustion due to indefinite recursion during BER decoding
libtasn1: Stack exhaustion due to indefinite recursion during BER decoding
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
Statement: This issue affects the versions of libtasn1 as shipped with Red Hat Satellite version 6. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Package: libtasn1 (Red Hat Enterprise Linux 6) - Not affected
Package: libtasn1 (Red Hat Enterprise Linux 7) - Will not fix
Package: libtasn1 (Red Hat Enterprise Linux 8) - Not affected
Debian
CVE-2018-6003: libtasn1-6 - An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in...
vendor_debian·2018·CVSS 7.5
CVE-2018-6003 [HIGH] CVE-2018-6003: libtasn1-6 - An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in...
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
Scope: local
bookworm: resolved (fixed in 4.13-2)
bullseye: resolved (fixed in 4.13-2)
forky: resolved (fixed in 4.13-2)
sid: resolved (fixed in 4.13-2)
trixie: resolved (fixed in 4.13-2)
GHSA
GHSA-834w-g79f-wrqv: An issue was discovered in the _asn1_decode_simple_ber function in decoding
ghsa_unreviewed·2022-05-13
CVE-2018-6003 [HIGH] CWE-674 GHSA-834w-g79f-wrqv: An issue was discovered in the _asn1_decode_simple_ber function in decoding
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
OSV
libtasn1-6 vulnerabilities
osv·2018-01-25·CVSS 7.5
CVE-2017-10790 [HIGH] libtasn1-6 vulnerabilities
libtasn1-6 vulnerabilities
It was discovered that Libtasn1 incorrectly handled certain files.
If a user were tricked into opening a crafted file, an attacker could possibly
use this to cause a denial of service. This issue only affected Ubuntu 14.04
LTS and Ubuntu 16.04 LTS. (CVE-2017-10790)
It was discovered that Libtasn1 incorrectly handled certain inputs.
An attacker could possibly use this to cause Libtasn1 to hang, resulting
in a denial of service. This issue only affected Ubuntu 16.04 LTS and
Ubuntu 17.10. (CVE-2018-6003)
OSV
CVE-2018-6003: An issue was discovered in the _asn1_decode_simple_ber function in decoding
osv·2018-01-22·CVSS 7.5
CVE-2018-6003 [HIGH] CVE-2018-6003: An issue was discovered in the _asn1_decode_simple_ber function in decoding
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-6003 mingw-libtasn1: libtasn1: Stack exhaustion due to indefinite recursion during BER decoding [fedora-all]
bugzilla·2018-01-18·CVSS 7.5
CVE-2018-6003 [HIGH] CVE-2018-6003 mingw-libtasn1: libtasn1: Stack exhaustion due to indefinite recursion during BER decoding [fedora-all]
CVE-2018-6003 mingw-libtasn1: libtasn1: Stack exhaustion due to indefinite recursion during BER decoding [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this i
Bugzilla
CVE-2018-6003 libtasn1: Stack exhaustion due to indefinite recursion during BER decoding
bugzilla·2018-01-17·CVSS 7.5
CVE-2018-6003 [HIGH] CVE-2018-6003 libtasn1: Stack exhaustion due to indefinite recursion during BER decoding
CVE-2018-6003 libtasn1: Stack exhaustion due to indefinite recursion during BER decoding
It was found that indefinite string encoding is decoded via recursion in _asn1_decode_simple_ber() which can lead to stack exhaustion when processing specially crafted string.
Reference:
https://lists.gnu.org/archive/html/help-libtasn1/2018-01/msg00000.html
Discussion:
Upstream patch:
https://gitlab.com/gnutls/libtasn1/commit/c593ae84cfcde8fea45787e53950e0ac71e9ca97
---
Created libtasn1 tracking bugs for this issue:
Affects: fedora-all [bug 1535926]
Created mingw-libtasn1 tracking bugs for this issue:
Affects: fedora-all [bug 1535925]
---
Statement:
This issue affects the versions of libtasn1 as shipped with Red Hat Satellite version 6. Red Hat Product Security has rated this issue as ha
http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?id=c593ae84cfcde8fea45787e53950e0ac71e9ca97https://bugzilla.redhat.com/show_bug.cgi?id=1535926https://bugzilla.suse.com/show_bug.cgi?id=1076832https://gitlab.com/gnutls/libtasn1/commit/946565d8eb05fbf7970ea366e817581bb5a90910https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3Ehttps://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3Ehttps://www.debian.org/security/2018/dsa-4106http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?id=c593ae84cfcde8fea45787e53950e0ac71e9ca97https://bugzilla.redhat.com/show_bug.cgi?id=1535926https://bugzilla.suse.com/show_bug.cgi?id=1076832https://gitlab.com/gnutls/libtasn1/commit/946565d8eb05fbf7970ea366e817581bb5a90910https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3Ehttps://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3Ehttps://www.debian.org/security/2018/dsa-4106
2018-01-22
Published