[Debian] CVE: CVE-2021-46848: libtasn1 : an ETYPE_OK off-by-one
Bug #2002279 reported by Yue Tao
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
StarlingX | Fix Released | Critical | Zhixiong Chi | |
Bug Description
CVE-2021-46848: https:/
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_
Score:
cve_id | status | cvss3Score | av | ac | pr | ui | ai |
---|---|---|---|---|---|---|---|
CVE-2022-42898 | fixed | 9.1 | N | L | N | N | H |
References:
https:/
['libtasn1-
Found during December 2022 CVE scan using vulscan
CVE References
Changed in starlingx:
assignee: nobody → Zhixiong Chi (zhixiongchi)
status: New → Triaged
importance: Undecided → Critical
information type: Public → Public Security
tags: added: stx.8.0 stx.security
Changed in starlingx:
status: Triaged → In Progress
Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/869625