[3.9] libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion (CVE-2018-1000654)
The ASN.1 library used in GNUTLS (libtasn1) through versions 4.13 allows
for an infinite loop due to an issue in the
An attacker could exploit this via a crafted ASN.1 structure to causing high CPU usage until a resultant out-of-memory error.
(from redmine: issue id 10519, created on 2019-05-31)
- parent #10517 (closed)