CVE-2015-3622

Upstream information

CVE-2015-3622 at MITRE

Description

The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.

SUSE information

CVSS v2 Scores
	National Vulnerability Database
Base Score	4.30
Vector	AV:N/AC:M/Au:N/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Medium
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entry: 929414 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SU-2015:1518-1, published Wed Sep 9 10:12:32 MDT 2015
SUSE-SU-2016:1600-1, published Thu Jun 16 11:08:10 MDT 2016
SUSE-SU-2016:1601-1, published Thu Jun 16 11:08:46 MDT 2016
openSUSE-SU-2015:1372-1, published Wed, 12 Aug 2015 15:09:15 +0200 (CEST)
openSUSE-SU-2016:1567-1, published Tue, 14 Jun 2016 11:09:25 +0200 (CEST)
openSUSE-SU-2016:1674-1, published Fri, 24 Jun 2016 16:29:46 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Desktop 12	`gnutls >= 3.2.15-11.1` `libgnutls28 >= 3.2.15-11.1` `libgnutls28-32bit >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-6 >= 3.7-11.1` `libtasn1-6-32bit >= 3.7-11.1`	Patchnames: SUSE-SLE-DESKTOP-12-2015-513 SUSE-SLE-DESKTOP-12-2016-949
SUSE Linux Enterprise Desktop 12 SP1	`gnutls >= 3.2.15-11.1` `libgnutls28 >= 3.2.15-11.1` `libgnutls28-32bit >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-6 >= 3.7-11.1` `libtasn1-6-32bit >= 3.7-11.1`	Patchnames: SUSE Linux Enterprise Desktop 12 SP1 GA gnutls SUSE-SLE-DESKTOP-12-SP1-2016-949
SUSE Linux Enterprise Desktop 12 SP2	`gnutls >= 3.2.15-11.1` `libgnutls28 >= 3.2.15-11.1` `libgnutls28-32bit >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-6 >= 3.7-11.1` `libtasn1-6-32bit >= 3.7-11.1`	Patchnames: SUSE Linux Enterprise Desktop 12 SP2 GA gnutls SUSE Linux Enterprise Desktop 12 SP2 GA libtasn1
SUSE Linux Enterprise Server 11 SP4	`libtasn1 >= 1.5-1.34.1` `libtasn1-3 >= 1.5-1.34.1` `libtasn1-3-32bit >= 1.5-1.34.1` `libtasn1-3-x86 >= 1.5-1.34.1`	Patchnames: slessp4-ntp-12614
SUSE Linux Enterprise Server 12	`gnutls >= 3.2.15-11.1` `libgnutls-openssl27 >= 3.2.15-11.1` `libgnutls28 >= 3.2.15-11.1` `libgnutls28-32bit >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-6 >= 3.7-11.1` `libtasn1-6-32bit >= 3.7-11.1`	Patchnames: SUSE-SLE-SERVER-12-2015-513 SUSE-SLE-SERVER-12-2016-949
SUSE Linux Enterprise Server 12 SP1	`gnutls >= 3.2.15-11.1` `libgnutls-openssl27 >= 3.2.15-11.1` `libgnutls28 >= 3.2.15-11.1` `libgnutls28-32bit >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-6 >= 3.7-11.1` `libtasn1-6-32bit >= 3.7-11.1`	Patchnames: SUSE Linux Enterprise Server 12 SP1 GA gnutls SUSE-SLE-SERVER-12-SP1-2016-949
SUSE Linux Enterprise Server 12 SP2	`gnutls >= 3.2.15-11.1` `libgnutls-openssl27 >= 3.2.15-11.1` `libgnutls28 >= 3.2.15-11.1` `libgnutls28-32bit >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-6 >= 3.7-11.1` `libtasn1-6-32bit >= 3.7-11.1`	Patchnames: SUSE Linux Enterprise Server 12 SP2 GA gnutls SUSE Linux Enterprise Server 12 SP2 GA libtasn1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	`gnutls >= 3.2.15-11.1` `libgnutls-openssl27 >= 3.2.15-11.1` `libgnutls28 >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-6 >= 3.7-11.1`	Patchnames: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA gnutls SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA libtasn1
SUSE Linux Enterprise Software Development Kit 11 SP4	`libtasn1 >= 1.5-1.34.1` `libtasn1-devel >= 1.5-1.34.1`	Patchnames: sdksp4-ntp-12614
SUSE Linux Enterprise Software Development Kit 12	`gnutls >= 3.2.15-11.1` `libgnutls-devel >= 3.2.15-11.1` `libgnutls-openssl-devel >= 3.2.15-11.1` `libgnutlsxx-devel >= 3.2.15-11.1` `libgnutlsxx28 >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-devel >= 3.7-11.1`	Patchnames: SUSE-SLE-SDK-12-2015-513 SUSE-SLE-SDK-12-2016-949
SUSE Linux Enterprise Software Development Kit 12 SP1	`libgnutls-devel >= 3.2.15-11.1` `libgnutls-openssl-devel >= 3.2.15-11.1` `libgnutlsxx-devel >= 3.2.15-11.1` `libgnutlsxx28 >= 3.2.15-11.1` `libtasn1 >= 3.7-11.1` `libtasn1-devel >= 3.7-11.1`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP1 GA libgnutls-devel SUSE-SLE-SDK-12-SP1-2016-949
SUSE Linux Enterprise Software Development Kit 12 SP2	`libgnutls-devel >= 3.2.15-11.1` `libgnutls-openssl-devel >= 3.2.15-11.1` `libgnutlsxx-devel >= 3.2.15-11.1` `libgnutlsxx28 >= 3.2.15-11.1` `libtasn1-devel >= 3.7-11.1`	Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP2 GA libgnutls-devel SUSE Linux Enterprise Software Development Kit 12 SP2 GA libtasn1-devel
openSUSE 13.1	`gnutls >= 3.2.4-2.35.1` `gnutls-debuginfo >= 3.2.4-2.35.1` `gnutls-debugsource >= 3.2.4-2.35.1` `libgnutls-devel >= 3.2.4-2.35.1` `libgnutls-devel-32bit >= 3.2.4-2.35.1` `libgnutls-openssl-devel >= 3.2.4-2.35.1` `libgnutls-openssl27 >= 3.2.4-2.35.1` `libgnutls-openssl27-debuginfo >= 3.2.4-2.35.1` `libgnutls28 >= 3.2.4-2.35.1` `libgnutls28-32bit >= 3.2.4-2.35.1` `libgnutls28-debuginfo >= 3.2.4-2.35.1` `libgnutls28-debuginfo-32bit >= 3.2.4-2.35.1` `libgnutlsxx-devel >= 3.2.4-2.35.1` `libgnutlsxx28 >= 3.2.4-2.35.1` `libgnutlsxx28-debuginfo >= 3.2.4-2.35.1`	Patchnames: openSUSE-2015-542
openSUSE 13.2	`gnutls >= 3.2.18-11.1` `gnutls-debuginfo >= 3.2.18-11.1` `gnutls-debugsource >= 3.2.18-11.1` `libgnutls-devel >= 3.2.18-11.1` `libgnutls-devel-32bit >= 3.2.18-11.1` `libgnutls-openssl-devel >= 3.2.18-11.1` `libgnutls-openssl27 >= 3.2.18-11.1` `libgnutls-openssl27-debuginfo >= 3.2.18-11.1` `libgnutls28 >= 3.2.18-11.1` `libgnutls28-32bit >= 3.2.18-11.1` `libgnutls28-debuginfo >= 3.2.18-11.1` `libgnutls28-debuginfo-32bit >= 3.2.18-11.1` `libgnutlsxx-devel >= 3.2.18-11.1` `libgnutlsxx28 >= 3.2.18-11.1` `libgnutlsxx28-debuginfo >= 3.2.18-11.1` `libtasn1 >= 3.7-2.7.1` `libtasn1-6 >= 3.7-2.7.1` `libtasn1-6-32bit >= 3.7-2.7.1` `libtasn1-6-debuginfo >= 3.7-2.7.1` `libtasn1-6-debuginfo-32bit >= 3.7-2.7.1` `libtasn1-debuginfo >= 3.7-2.7.1` `libtasn1-debugsource >= 3.7-2.7.1` `libtasn1-devel >= 3.7-2.7.1` `libtasn1-devel-32bit >= 3.7-2.7.1`	Patchnames: openSUSE-2015-542 openSUSE-2016-716
openSUSE Leap 42.1	`gnutls >= 3.2.15-6.2` `libgnutls-devel >= 3.2.15-6.2` `libgnutls-openssl27 >= 3.2.15-6.2` `libgnutls28 >= 3.2.15-6.2` `libgnutls28-32bit >= 3.2.15-6.2` `libtasn1 >= 3.7-12.1` `libtasn1-6 >= 3.7-12.1` `libtasn1-6-32bit >= 3.7-12.1` `libtasn1-6-debuginfo >= 3.7-12.1` `libtasn1-6-debuginfo-32bit >= 3.7-12.1` `libtasn1-debuginfo >= 3.7-12.1` `libtasn1-debugsource >= 3.7-12.1` `libtasn1-devel >= 3.7-12.1` `libtasn1-devel-32bit >= 3.7-12.1`	Patchnames: openSUSE Leap 42.1 GA gnutls openSUSE-2016-773
openSUSE Leap 42.2	`gnutls >= 3.2.15-7.5` `libgnutls-devel >= 3.2.15-7.5` `libgnutls-openssl27 >= 3.2.15-7.5` `libgnutls28 >= 3.2.15-7.5` `libgnutls28-32bit >= 3.2.15-7.5` `libtasn1 >= 3.7-12.2` `libtasn1-6 >= 3.7-12.2` `libtasn1-6-32bit >= 3.7-12.2` `libtasn1-devel >= 3.7-12.2`	Patchnames: openSUSE Leap 42.2 GA gnutls openSUSE Leap 42.2 GA libtasn1
openSUSE Tumbleweed	`libtasn1 >= 4.9-1.3` `libtasn1-6 >= 4.9-1.3` `libtasn1-6-32bit >= 4.9-1.3` `libtasn1-devel >= 4.9-1.3` `libtasn1-devel-32bit >= 4.9-1.3`	Patchnames: openSUSE Tumbleweed GA libtasn1