OESA-2026-2166 opencryptoki security update

openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

SUSE CVE-2026-40253

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...

CVE-2026-40253

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

CVE-2026-40253

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...

EulerOS Virtualization 2.10.0 : gnutls (EulerOS-SA-2026-1169)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of...

EulerOS Virtualization 2.10.1 : gnutls (EulerOS-SA-2026-1118)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of...

MiracleLinux 7 : libtasn1-4.10-1.el7 (AXSA:2017-1751:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1751:01 advisory. Libtasn1 is a library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures...

MiracleLinux 8 : libtasn1-4.13-5.el8_10 (AXSA:2025-9891:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9891:01 advisory. libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS CVE-2024-12133 Tenable has extracted the preceding description block directly...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gnutls (UTSA-2025-991321)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991321 advisory. A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate...

Moderate: Red Hat Security Advisory: libtasn1 security update

An update for libtasn1 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : gnutls (RHSA-2025:17361)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17361 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such a...

RLSA-2025:7076 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 For more details...

RockyLinux 9 : libtasn1 (RLSA-2025:7077)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7077 advisory. libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS CVE-2024-12133 Tenable has extracted the preceding description block directly from...

RLSA-2025:4051 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 For more details...

RLSA-2025:4049 Moderate: libtasn1 security update

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: Inefficient DER Decoding in libtasn1 Leading ...

Medium: libtasn1

Issue Overview: When an input DER data contains a large number of SEQUENCE OF or SET OF elements, decoding the data and searching a specific element in it take quadratic time to complete. This could be utilized for a remote DoS attack by presenting a crafted certificate to the network peer...

Medium: gnutls

Issue Overview: A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send...

RHEL 9 : libtasn1 (RHSA-2025:8021)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8021 advisory. A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and...

RHEL 9 : gnutls (RHSA-2025:7076)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7076 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...

libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate,...