security-tracker.debian.org Open in urlscan Pro
2a04:4e42:8e::644  Public Scan

URL: https://security-tracker.debian.org/tracker/CVE-2021-46848
Submission: On October 06 via api from US — Scanned from DE

Form analysis 1 forms found in the DOM

GET /tracker/

<form method="get" id="searchform" action="/tracker/">Search for package or bug name: <input type="text" name="query" onkeyup="onSearch(this.value)" onmousemove="onSearch(this.value)"><input type="submit" value="Go">
  <a href="/tracker/data/report">Reporting problems</a></form>

Text Content

CVE-2021-46848

NameCVE-2021-46848DescriptionGNU Libtasn1 before 4.19.0 has an ETYPE_OK
off-by-one array size check that affects asn1_encode_simple_der.SourceCVE (at
NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE,
GitHub advisories/code/issues, web search, more)ReferencesDLA-3263-1


VULNERABLE AND FIXED PACKAGES

The table below lists information on source packages.

Source PackageReleaseVersionStatuslibtasn1-6
(PTS)bullseye4.16.0-2+deb11u1fixedbookworm4.19.0-2fixedsid, trixie4.19.0-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian
Bugslibtasn1-6sourcebuster4.13-3+deb10u1DLA-3263-1libtasn1-6sourcebullseye4.16.0-2+deb11u1libtasn1-6source(unstable)4.19.0-2


NOTES

https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5 (v4.19.0)
https://gitlab.com/gnutls/libtasn1/-/issues/32


--------------------------------------------------------------------------------

Search for package or bug name: Reporting problems

Home - Debian Security - Source (Git)