SUSE update for libtasn1
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2017-6891 CVE-2018-1000654 CVE-2021-46848 |
| CWE-ID | CWE-121 CWE-20 CWE-193 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
SUSE Linux Enterprise Server Operating systems & Components / Operating system libtasn1-debugsource Operating systems & Components / Operating system package or component libtasn1-debuginfo Operating systems & Components / Operating system package or component libtasn1-6-debuginfo-32bit Operating systems & Components / Operating system package or component libtasn1-6-debuginfo Operating systems & Components / Operating system package or component libtasn1-6-32bit Operating systems & Components / Operating system package or component libtasn1-6 Operating systems & Components / Operating system package or component libtasn1 Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU6890
Risk: Medium
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-6891
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionA remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 when processing a specially crafted assignments file via the e.g. asn1Coding utility. A remote attacker can trick the victim into opening a specially crafted file, trigger stack-based buffer overflow and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Update the affected package libtasn1 to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP2-BCL
libtasn1-debugsource: before 3.7-13.7.1
libtasn1-debuginfo: before 3.7-13.7.1
libtasn1-6-debuginfo-32bit: before 3.7-13.7.1
libtasn1-6-debuginfo: before 3.7-13.7.1
libtasn1-6-32bit: before 3.7-13.7.1
libtasn1-6: before 3.7-13.7.1
libtasn1: before 3.7-13.7.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP2-BCL:*:*:*:*:*:*:*
- cpe:2.3:o:suse:libtasn1-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20223797-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU18290
Risk: Low
CVSSv4.0: 5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-1000654
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the _asn1_expand_object_id(p_tree) function when parsing a specially crafted file with asn1Parser binary. An attacker can create a specially crafted file, pass it to the application and consume all available CPU resources on the system.
Update the affected package libtasn1 to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP2-BCL
libtasn1-debugsource: before 3.7-13.7.1
libtasn1-debuginfo: before 3.7-13.7.1
libtasn1-6-debuginfo-32bit: before 3.7-13.7.1
libtasn1-6-debuginfo: before 3.7-13.7.1
libtasn1-6-32bit: before 3.7-13.7.1
libtasn1-6: before 3.7-13.7.1
libtasn1: before 3.7-13.7.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP2-BCL:*:*:*:*:*:*:*
- cpe:2.3:o:suse:libtasn1-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20223797-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Off-by-one
EUVDB-ID: #VU68858
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-46848
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an ETYPE_OK off-by-one error in asn1_encode_simple_der in Libtasn1. A remote attacker can pass specially crafted data to the application, trigger an off-by-one error and perform a denial of service (DoS) attack.
Update the affected package libtasn1 to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server: 12-SP2-BCL
libtasn1-debugsource: before 3.7-13.7.1
libtasn1-debuginfo: before 3.7-13.7.1
libtasn1-6-debuginfo-32bit: before 3.7-13.7.1
libtasn1-6-debuginfo: before 3.7-13.7.1
libtasn1-6-32bit: before 3.7-13.7.1
libtasn1-6: before 3.7-13.7.1
libtasn1: before 3.7-13.7.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_server:12-SP2-BCL:*:*:*:*:*:*:*
- cpe:2.3:o:suse:libtasn1-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-debuginfo-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6-32bit:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1-6:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libtasn1:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2022/suse-su-20223797-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
