Vulnerabilities

CVE-2016-2053

by Fred · 02/05/2016

The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.

Date published : 2016-05-02

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f

https://bugzilla.redhat.com/show_bug.cgi?id=1300237

Similar

Tags: Cybersecurity Alert