CVE-2016-2053

CVSS v3.0 4.7 (Medium)

CVSS v2.0 4.7 (Medium)

EPSS 0.05 % (23^th)

Affected Products 1

Advisories 25

The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.

Weaknesses

CWE-310: Cryptographic Issues

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2016-05-02 10:59:25
(8 years ago)
Updated Date: 2018-08-30 16:52:38
(6 years ago)

Affected Products

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel prior 4.3 version	cpe:2.3:o:linux:linux_kernel		< 4.3