A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | RedHat | libtasn1-0:4.13-5.el8_10 | * |
| Red Hat Enterprise Linux 8 | RedHat | libtasn1-0:4.13-5.el8_10 | * |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | gnutls-0:3.6.14-10.el8_4.1 | * |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | libtasn1-0:4.13-3.el8_4.1 | * |
| Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | RedHat | gnutls-0:3.6.14-10.el8_4.1 | * |
| Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | RedHat | libtasn1-0:4.13-3.el8_4.1 | * |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | RedHat | gnutls-0:3.6.16-5.el8_6.5 | * |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | RedHat | libtasn1-0:4.13-3.el8_6.2 | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | RedHat | gnutls-0:3.6.16-5.el8_6.5 | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | RedHat | libtasn1-0:4.13-3.el8_6.2 | * |
| Red Hat Enterprise Linux 8.8 Telecommunications Update Service | RedHat | gnutls-0:3.6.16-7.el8_8.4 | * |
| Red Hat Enterprise Linux 8.8 Telecommunications Update Service | RedHat | libtasn1-0:4.13-4.el8_8.1 | * |
| Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | RedHat | gnutls-0:3.6.16-7.el8_8.4 | * |
| Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | RedHat | libtasn1-0:4.13-4.el8_8.1 | * |
| Red Hat Enterprise Linux 9 | RedHat | libtasn1-0:4.16.0-9.el9 | * |
| Red Hat Enterprise Linux 9 | RedHat | libtasn1-0:4.16.0-9.el9 | * |
| Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | RedHat | libtasn1-0:4.16.0-8.el9_2.1 | * |
| Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | libtasn1-0:4.16.0-8.el9_4.1 | * |
| Red Hat Discovery 1.14 | RedHat | discovery/discovery-server-rhel9:1.14.3-1748529279 | * |
| Red Hat Discovery 1.14 | RedHat | discovery/discovery-ui-rhel9:1.14.2-1748467619 | * |
| Libtasn1-6 | Ubuntu | esm-infra/focal | * |
| Libtasn1-6 | Ubuntu | esm-infra/xenial | * |
| Libtasn1-6 | Ubuntu | focal | * |
| Libtasn1-6 | Ubuntu | jammy | * |
| Libtasn1-6 | Ubuntu | noble | * |
| Libtasn1-6 | Ubuntu | oracular | * |
| Libtasn1-6 | Ubuntu | upstream | * |