CVE-2014-3468 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2014-3468?

CVE-2014-3468 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-3468?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Gnutls, Gnu Libtasn1, Redhat Virtualization, Debian Debian Linux, Redhat Enterprise Linux Desktop.

Vulnerability Description

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Gnu	Gnutls	< 3.5.7
Gnu	Libtasn1	< 3.6
Redhat	Virtualization	6.0
Debian	Debian Linux	7.0
Redhat	Enterprise Linux Desktop	5.0
Redhat	Enterprise Linux Eus	6.5
Redhat	Enterprise Linux Server	5.0
Redhat	Enterprise Linux Server Aus	6.5
Redhat	Enterprise Linux Server Tus	6.5
Redhat	Enterprise Linux Workstation	5.0
Suse	Linux Enterprise Desktop	11
Suse	Linux Enterprise High Availability Extension	11
Suse	Linux Enterprise Server	11
Suse	Linux Enterprise Software Development Kit	11
F5	Arx Firmware	>= 6.0.0, <= 6.4.0
F5	Arx	-

Related Weaknesses (CWE)

CWE-131

References

http://advisories.mageia.org/MGASA-2014-0247.htmlThird Party Advisory
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=1c3ccb3e040bf13e342ee60PatchVendor Advisory
http://linux.oracle.com/errata/ELSA-2014-0594.htmlThird Party Advisory
http://linux.oracle.com/errata/ELSA-2014-0596.htmlThird Party Advisory
http://lists.gnu.org/archive/html/help-libtasn1/2014-05/msg00006.htmlMailing ListPatchVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.htmlMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0594.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0596.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0687.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0815.htmlThird Party Advisory
http://secunia.com/advisories/58591Third Party Advisory
http://secunia.com/advisories/58614Third Party Advisory
http://secunia.com/advisories/59021Third Party Advisory
http://secunia.com/advisories/59057Third Party Advisory

FAQ

What is CVE-2014-3468?

CVE-2014-3468 is a vulnerability with a CVSS score of 7.5 (HIGH). The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds acc...

How severe is CVE-2014-3468?

CVE-2014-3468 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-3468?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Gnutls, Gnu Libtasn1, Redhat Virtualization, Debian Debian Linux, Redhat Enterprise Linux Desktop.