VU#271649: Stack-based buffer overflow in libtasn1 versions v4.20.0 and earlier
GNU libtasn1, a library for ASN.1 parsing, contains a stack-based buffer overflow vulnerability. The flaw resides in the asn1_expand_octet_string function within the decoding.c file. This vulnerability is triggered by unsafe string concatenation using strcpy and strcat. The concatenation of field names without bounds checking leads to a one-byte overflow in the allocated stack buffer. This occurs when handling potentially untrusted ASN.1 input, specifically with malformed data. While the overflow is small, it still can cause subtle memory corruption. This corruption could result in unexpected behavior, especially within security-critical operations, such as cryptographic activities. An attacker could exploit this vulnerability by crafting malicious ASN.1 data. The impact may include parsing failures or unusual operations during cryptographic processes. A patch has been proposed to fix this issue, offering a solution to developers. Developers are advised to review the patch and implement mitigations.
asn1_expand_octet_stringfunction within thedecoding.cfile. This vulnerability is triggered by unsafe string concatenation usingstrcpyandstrcat. The concatenation of field names without bounds checking leads to a one-byte overflow in the allocated stack buffer. This occurs when handling potentially untrusted ASN.1 input, specifically with malformed data. While the overflow is small, it still can cause subtle memory corruption. This corruption could result in unexpected behavior, especially within security-critical operations, such as cryptographic activities. An attacker could exploit this vulnerability by crafting malicious ASN.1 data. The impact may include parsing failures or unusual operations during cryptographic processes. A patch has been proposed to fix this issue, offering a solution to developers. Developers are advised to review the patch and implement mitigations.