CVE-2018-6003

CVE: CVE-2018-6003
Published: 2018-01-22T20:29Z
Vendor: gnu
Products: libtasn1
Versions: 4.12,
Vendor: fedoraproject
Products: fedora
Versions: 26, 27,
Description Language: en
Description: An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
References:
http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?id=c593ae84cfcde8fea45787e53950e0ac71e9ca97
https://bugzilla.redhat.com/show_bug.cgi?id=1535926
https://bugzilla.suse.com/show_bug.cgi?id=1076832
https://gitlab.com/gnutls/libtasn1/commit/946565d8eb05fbf7970ea366e817581bb5a90910
https://www.debian.org/security/2018/dsa-4106