CVE-2016-4579

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
13/06/2016
Last modified:
12/04/2025

Description

Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl."

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gnupg:libksba:*:*:*:*:*:*:*:* 1.3.3 (including)
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*