Security Advisory - Multiple Vulnerabilities in the X.509 Implementation in Some Huawei Products

There is a denial of service vulnerability in some Huawei products. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products. (Vulnerability ID: HWPSIRT-2018-12392)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-5275.

There is a denial of service vulnerability in some Huawei products. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service attack on the affected products. (Vulnerability ID: HWPSIRT-2018-12394)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-5274.

There is a denial of service vulnerability in some Huawei products. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a denial of service on the affected products. (Vulnerability ID: HWPSIRT-2018-12396)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-5273.

Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-eudemon-en