Denial of Service Vulnerability in GNU Libtasn1 by The Unix System Consortium
CVE-2014-3469

Currently unrated

Key Information:

Vendor

Gnu
Status
Gnutls
Libtasn1
Vendor
CVE Published:
5 June 2014

What is CVE-2014-3469?

The asn1_read_value_type and asn1_read_value functions in GNU Libtasn1 versions prior to 3.6 are vulnerable to a denial of service. This vulnerability can be exploited by attackers to trigger a NULL pointer dereference when providing a NULL value in an ivalue argument, potentially leading to application crashes and service disruptions.

References

http://secunia.com/advisories/60320
third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2014/dsa-3056
vendor-advisoryx_refsource_DEBIAN
http://www.novell.com/support/kb/doc.php?id=7015302
x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.