INFSA-2025:7077: libtasn1 security update
Information about definition
Identificator: INFSA-2025:7077
Type: security
Release date: 2025-06-10 11:46:19 UTC
Information about package
A library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.
Vulnerabilities description
- CVE-2024-12133
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-12133
|
no information | 5.3 | no information |
Updated packages