Download
| Alert*
[3.7] libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion (CVE-2018-1000654)
The ASN.1 library used in GNUTLS through versions 4.13 allows for an infinite loop due to an issue in the _asn1_expand_object_id function. An attacker could exploit this via a crafted ASN.1 structure to causing high CPU usage until a resultant out-of-memory error
|