CVE-2024-12133: Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos

Description

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.

Classification

CVE ID: CVE-2024-12133

Affected Products

Vendor: Red Hat

Product: Red Hat Enterprise Linux 6

Timeline

2025-02-11 00:31:07 UTC
CVE

Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos