Denial of Service Vulnerability in GNU Libtasn1 by The Unix System Consortium
CVE-2014-3469

Currently unrated

Key Information:

Vendor
Gnu
Vendor
CVE Published:
5 June 2014

Summary

The asn1_read_value_type and asn1_read_value functions in GNU Libtasn1 versions prior to 3.6 are vulnerable to a denial of service. This vulnerability can be exploited by attackers to trigger a NULL pointer dereference when providing a NULL value in an ivalue argument, potentially leading to application crashes and service disruptions.

References

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.