Wind River Support Network

HomeDefectsLIN6-7647

Fixed

LIN6-7647 : Security Advisory - libtasn1 - CVE-2014-3468

Created: Jun 11, 2014 Updated: Dec 3, 2018

Resolved Date: Oct 23, 2014

Previous ID: LIN4-31491

Found In Version: 6.0.0.9

Fix Version: 6.0.0.9

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38