The asn1berdecoder function in lib/asn1decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the publickeyverifysignature function in crypto/asymmetrickeys/publickey.c.