blob: ac06916c6a300d9a27c46feb41a8264513b9d6c6 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
|
Description: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
References:
https://lkml.org/lkml/2016/5/12/270
Notes:
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1300257
upstream: released (4.6) [23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa]
3.16-upstream-stable: released (3.16.36) [keys-fix-asn.1-indefinite-length-object-parsing.patch]
3.2-upstream-stable: N/A "Vulnerable code introduced by 42d5ec27f873c654a68f7f865dcd7737513e9508 (3.10-rc1)
sid: released (4.5.4-1) [bugfix/all/KEYS-Fix-ASN.1-indefinite-length-object-parsing.patch]
3.16-jessie-security: N/A "Vulnerable code is not built"
3.2-wheezy-security: N/A "Vulnerable code not present"
|
