OESA-2025-1107
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1107
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2025-1107.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2025-1107
- Upstream
- Published
- 2025-02-14T12:12:03Z
- Modified
- 2025-09-03T06:19:54.541041Z
- Summary
- libtasn1 security update
- Details
-
Libtasn1 is the ASN.1 library used by GnuTLS, p11-kit and some other packages. The goal of this implementation is to be highly portable, and only require an ANSI C99 platform.This library provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.
Security Fix(es):
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.(CVE-2024-12133)
- Database specific
{ "severity": "Critical" }- References
Affected packages
openEuler:22.03-LTS-SP4 / libtasn1
Package
- Name
- libtasn1
- Purl
- pkg:rpm/openEuler/libtasn1&distro=openEuler-22.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.19.0-2.oe2203sp4
Ecosystem specific
{
"x86_64": [
"libtasn1-4.19.0-2.oe2203sp4.x86_64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2203sp4.x86_64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2203sp4.x86_64.rpm",
"libtasn1-devel-4.19.0-2.oe2203sp4.x86_64.rpm"
],
"aarch64": [
"libtasn1-4.19.0-2.oe2203sp4.aarch64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2203sp4.aarch64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2203sp4.aarch64.rpm",
"libtasn1-devel-4.19.0-2.oe2203sp4.aarch64.rpm"
],
"noarch": [
"libtasn1-help-4.19.0-2.oe2203sp4.noarch.rpm"
],
"src": [
"libtasn1-4.19.0-2.oe2203sp4.src.rpm"
]
}
openEuler:24.03-LTS / libtasn1
Package
- Name
- libtasn1
- Purl
- pkg:rpm/openEuler/libtasn1&distro=openEuler-24.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.19.0-2.oe2403sp1
Ecosystem specific
{
"x86_64": [
"libtasn1-4.19.0-2.oe2403.x86_64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2403.x86_64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2403.x86_64.rpm",
"libtasn1-devel-4.19.0-2.oe2403.x86_64.rpm",
"libtasn1-4.19.0-2.oe2403sp1.x86_64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2403sp1.x86_64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2403sp1.x86_64.rpm",
"libtasn1-devel-4.19.0-2.oe2403sp1.x86_64.rpm"
],
"aarch64": [
"libtasn1-4.19.0-2.oe2403.aarch64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2403.aarch64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2403.aarch64.rpm",
"libtasn1-devel-4.19.0-2.oe2403.aarch64.rpm",
"libtasn1-4.19.0-2.oe2403sp1.aarch64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2403sp1.aarch64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2403sp1.aarch64.rpm",
"libtasn1-devel-4.19.0-2.oe2403sp1.aarch64.rpm"
],
"noarch": [
"libtasn1-help-4.19.0-2.oe2403.noarch.rpm",
"libtasn1-help-4.19.0-2.oe2403sp1.noarch.rpm"
],
"src": [
"libtasn1-4.19.0-2.oe2403.src.rpm",
"libtasn1-4.19.0-2.oe2403sp1.src.rpm"
]
}
openEuler:24.03-LTS-SP1 / libtasn1
Package
- Name
- libtasn1
- Purl
- pkg:rpm/openEuler/libtasn1&distro=openEuler-24.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.19.0-2.oe2403sp1
Ecosystem specific
{
"x86_64": [
"libtasn1-4.19.0-2.oe2403sp1.x86_64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2403sp1.x86_64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2403sp1.x86_64.rpm",
"libtasn1-devel-4.19.0-2.oe2403sp1.x86_64.rpm"
],
"aarch64": [
"libtasn1-4.19.0-2.oe2403sp1.aarch64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2403sp1.aarch64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2403sp1.aarch64.rpm",
"libtasn1-devel-4.19.0-2.oe2403sp1.aarch64.rpm"
],
"noarch": [
"libtasn1-help-4.19.0-2.oe2403sp1.noarch.rpm"
],
"src": [
"libtasn1-4.19.0-2.oe2403sp1.src.rpm"
]
}
openEuler:20.03-LTS-SP4 / libtasn1
Package
- Name
- libtasn1
- Purl
- pkg:rpm/openEuler/libtasn1&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.16.0-3.oe2003sp4
Ecosystem specific
{
"x86_64": [
"libtasn1-4.16.0-3.oe2003sp4.x86_64.rpm",
"libtasn1-debuginfo-4.16.0-3.oe2003sp4.x86_64.rpm",
"libtasn1-debugsource-4.16.0-3.oe2003sp4.x86_64.rpm",
"libtasn1-devel-4.16.0-3.oe2003sp4.x86_64.rpm"
],
"aarch64": [
"libtasn1-4.16.0-3.oe2003sp4.aarch64.rpm",
"libtasn1-debuginfo-4.16.0-3.oe2003sp4.aarch64.rpm",
"libtasn1-debugsource-4.16.0-3.oe2003sp4.aarch64.rpm",
"libtasn1-devel-4.16.0-3.oe2003sp4.aarch64.rpm"
],
"noarch": [
"libtasn1-help-4.16.0-3.oe2003sp4.noarch.rpm"
],
"src": [
"libtasn1-4.16.0-3.oe2003sp4.src.rpm"
]
}
openEuler:22.03-LTS-SP3 / libtasn1
Package
- Name
- libtasn1
- Purl
- pkg:rpm/openEuler/libtasn1&distro=openEuler-22.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.19.0-2.oe2203sp3
Ecosystem specific
{
"x86_64": [
"libtasn1-4.19.0-2.oe2203sp3.x86_64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2203sp3.x86_64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2203sp3.x86_64.rpm",
"libtasn1-devel-4.19.0-2.oe2203sp3.x86_64.rpm"
],
"aarch64": [
"libtasn1-4.19.0-2.oe2203sp3.aarch64.rpm",
"libtasn1-debuginfo-4.19.0-2.oe2203sp3.aarch64.rpm",
"libtasn1-debugsource-4.19.0-2.oe2203sp3.aarch64.rpm",
"libtasn1-devel-4.19.0-2.oe2203sp3.aarch64.rpm"
],
"noarch": [
"libtasn1-help-4.19.0-2.oe2203sp3.noarch.rpm"
],
"src": [
"libtasn1-4.19.0-2.oe2203sp3.src.rpm"
]
}