Bugzilla – Bug 1076832
VUL-0: CVE-2018-6003: libtasn1: Stack exhaustion due to indefinite recursion during BER decoding
Last modified: 2023-04-10 15:34:54 UTC
_asn1_decode_simple_ber: restrict the levels of recursion to 3 On indefinite string decoding, setting a maximum level of recursions protects the BER decoder from a stack exhaustion due to large amounts of recursion.
The affected function was only added with this commit [1], which was first introduced with version 1.4.3 [2]. Therefore the codestreams "SUSE:SLE-11-SP1:Update" and "SUSE:SLE-12:Update" are _NOT_ affected, whereas "SUSE:SLE-12-SP3:Update" is affected. Upstream fix can be found here [3] and applies cleanly. [1]: http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/lib/decoding.c?id=b12bfa8932f44d1d1c25b4a2e385387a62dfbcc9 [2]: http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?h=libtasn1_4_3&id=85f9d61c9bf8b6d4c025fb1764c2cfe11cabdfa9 [3]: http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?id=c593ae84cfcde8fea45787e53950e0ac71e9ca97
CVE-2018-6003 has been assigned to this.
SUSE-SU-2018:0295-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1076832 CVE References: CVE-2018-6003 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP3 (src): libtasn1-4.9-3.5.1 SUSE Linux Enterprise Server 12-SP3 (src): libtasn1-4.9-3.5.1 SUSE Linux Enterprise Desktop 12-SP3 (src): libtasn1-4.9-3.5.1 SUSE CaaS Platform ALL (src): libtasn1-4.9-3.5.1
fixed
openSUSE-SU-2018:0324-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1076832 CVE References: CVE-2018-6003 Sources used: openSUSE Leap 42.3 (src): libtasn1-4.9-3.1