A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | RedHat | libtasn1-0:4.13-5.el8_10 | * |
| Red Hat Enterprise Linux 8 | RedHat | libtasn1-0:4.13-5.el8_10 | * |
| Red Hat Enterprise Linux 9 | RedHat | libtasn1-0:4.16.0-9.el9 | * |
| Red Hat Enterprise Linux 9 | RedHat | libtasn1-0:4.16.0-9.el9 | * |
| Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | RedHat | libtasn1-0:4.16.0-8.el9_2.1 | * |
| Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | libtasn1-0:4.16.0-8.el9_4.1 | * |
| Red Hat Discovery 1.14 | RedHat | discovery/discovery-server-rhel9:sha256:f33991d766b618a128fb99fbe4f9b61c5004f7c6aa73b2b38e28d59e56c64d63 | * |
| Red Hat Discovery 1.14 | RedHat | discovery/discovery-ui-rhel9:sha256:492e412759cf0eedfa5b557f7b0865f8864f84d0ed75e11dc8d7a840837d9644 | * |
| Libtasn1-6 | Ubuntu | esm-infra/focal | * |
| Libtasn1-6 | Ubuntu | focal | * |
| Libtasn1-6 | Ubuntu | jammy | * |
| Libtasn1-6 | Ubuntu | noble | * |
| Libtasn1-6 | Ubuntu | oracular | * |
| Libtasn1-6 | Ubuntu | upstream | * |