CVE-2015-1182

NameCVE-2015-1182
DescriptionThe asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1.0 through 1.2.12 and 1.3.x through 1.3.9 does not properly initialize a pointer in the asn1_sequence linked list, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ASN.1 sequence in a certificate.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-144-1, DSA-3136-1
NVD severityhigh (attack range: remote)
Debian Bugs775776

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
polarssl (PTS)wheezy, wheezy (security)1.2.9-1~deb7u6fixed
jessie1.3.9-2.1+deb8u2fixed
jessie (security)1.3.9-2.1+deb8u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
polarsslsource(unstable)1.3.9-2.1high775776
polarsslsourcesqueeze1.2.9-1~deb6u4highDLA-144-1
polarsslsourcewheezy1.2.9-1~deb7u5highDSA-3136-1

Notes

https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04

Search for package or bug name: Reporting problems