CVE-2014-3469: Null Pointer Dereference

First published: Wed May 28 2014(Updated: )

A NULL pointer dereference flaw was found in libtasn1's asn1_read_value_type() / asn1_read_value() function. If an application called the function with a NULL value for an ivalue argument to determine the amount of memory needed to store data to be read from the ASN.1 input, libtasn1 could incorrectly attempt to dereference the NULL pointer, causing an application using the library to crash. The libtasn1 library is used by the GnuTLS library to parse X.509 certificates. The gnutls packages in Red Hat Enterprise Linux 5 and earlier use bundled libtasn1, packages in Red Hat Enterprise Linux 6 and later depend on the library provided by a separate libtasn1 package. Upstream commits: <a href="http://git.savannah.gnu.org/cgit/libtasn1.git/commit/lib/element.c?id=a8b3e14f84174e01755bfd1be5448fffce7c9ffa">http://git.savannah.gnu.org/cgit/libtasn1.git/commit/lib/element.c?id=a8b3e14f84174e01755bfd1be5448fffce7c9ffa</a> <a href="http://git.savannah.gnu.org/cgit/libtasn1.git/commit/lib/element.c?id=3d6a02f19ff15a38dae9686033e37499b3968256">http://git.savannah.gnu.org/cgit/libtasn1.git/commit/lib/element.c?id=3d6a02f19ff15a38dae9686033e37499b3968256</a> <a href="http://git.savannah.gnu.org/cgit/libtasn1.git/commit/lib/element.c?id=53958290ab731c8486531a3bdef54a933533579d">http://git.savannah.gnu.org/cgit/libtasn1.git/commit/lib/element.c?id=53958290ab731c8486531a3bdef54a933533579d</a>

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/libtasn1	<3.6	3.6
GNU GnuTLS	<3.5.7
GNU Libtasn1	<3.6
Redhat Virtualization	=6.0
Debian Debian Linux	=7.0
Redhat Enterprise Linux Desktop	=5.0
Redhat Enterprise Linux Desktop	=6.0
Redhat Enterprise Linux Desktop	=7.0
Redhat Enterprise Linux Eus	=6.5
Redhat Enterprise Linux Eus	=7.3
Redhat Enterprise Linux Eus	=7.4
Redhat Enterprise Linux Eus	=7.5
Redhat Enterprise Linux Eus	=7.6
Redhat Enterprise Linux Eus	=7.7
Redhat Enterprise Linux Server	=5.0
Redhat Enterprise Linux Server	=6.0
Redhat Enterprise Linux Server	=7.0
Redhat Enterprise Linux Server Aus	=6.5
Redhat Enterprise Linux Server Aus	=7.3
Redhat Enterprise Linux Server Aus	=7.4
Redhat Enterprise Linux Server Aus	=7.6
Redhat Enterprise Linux Server Aus	=7.7
Redhat Enterprise Linux Server Tus	=6.5
Redhat Enterprise Linux Server Tus	=7.3
Redhat Enterprise Linux Server Tus	=7.6
Redhat Enterprise Linux Server Tus	=7.7
Redhat Enterprise Linux Workstation	=5.0
Redhat Enterprise Linux Workstation	=6.0
Redhat Enterprise Linux Workstation	=7.0
SUSE Linux Enterprise Desktop	=11-sp3
Suse Linux Enterprise High Availability Extension	=11-sp3
SUSE Linux Enterprise Server	=11-sp1
SUSE Linux Enterprise Server	=11-sp2
SUSE Linux Enterprise Server	=11-sp3
Suse Linux Enterprise Server	=11-sp3
SUSE Linux Enterprise Software Development Kit	=11-sp3

Remedy

http://lists.gnu.org/archive/html/help-libtasn1/2014-05/msg00006.html

Never miss a vulnerability like this again

Reference Links

agent/type
agent/first-publish-date
agent/remedy
agent/severity
agent/references
agent/author
agent/description
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
collector/mitre-cve
source/MITRE
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2014-3469
agent/software-canonical-lookup
agent/weakness
agent/last-modified-date
agent/tags
agent/event
vendor/gnu
canonical/gnu gnutls
canonical/gnu libtasn1
vendor/redhat
canonical/redhat virtualization
version/redhat virtualization/6.0
vendor/debian
canonical/debian debian linux
version/debian debian linux/7.0
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/5.0
version/redhat enterprise linux desktop/6.0
version/redhat enterprise linux desktop/7.0
canonical/redhat enterprise linux eus
version/redhat enterprise linux eus/6.5
version/redhat enterprise linux eus/7.3
version/redhat enterprise linux eus/7.4
version/redhat enterprise linux eus/7.5
version/redhat enterprise linux eus/7.6
version/redhat enterprise linux eus/7.7
canonical/redhat enterprise linux server
version/redhat enterprise linux server/5.0
version/redhat enterprise linux server/6.0
version/redhat enterprise linux server/7.0
canonical/redhat enterprise linux server aus
version/redhat enterprise linux server aus/6.5
version/redhat enterprise linux server aus/7.3
version/redhat enterprise linux server aus/7.4
version/redhat enterprise linux server aus/7.6
version/redhat enterprise linux server aus/7.7
canonical/redhat enterprise linux server tus
version/redhat enterprise linux server tus/6.5
version/redhat enterprise linux server tus/7.3
version/redhat enterprise linux server tus/7.6
version/redhat enterprise linux server tus/7.7
canonical/redhat enterprise linux workstation
version/redhat enterprise linux workstation/5.0
version/redhat enterprise linux workstation/6.0
version/redhat enterprise linux workstation/7.0
vendor/suse
canonical/suse linux enterprise desktop
version/suse linux enterprise desktop/11-sp3
canonical/suse linux enterprise high availability extension
version/suse linux enterprise high availability extension/11-sp3
canonical/suse linux enterprise server
version/suse linux enterprise server/11-sp1
version/suse linux enterprise server/11-sp2
version/suse linux enterprise server/11-sp3
canonical/suse linux enterprise software development kit
version/suse linux enterprise software development kit/11-sp3
package-manager/redhat

CVE-2014-3469: Null Pointer Dereference

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact