libtasn1 Stack-Based Buffer Overflow Vulnerability

Vulnerability

A stack-based buffer overflow vulnerability has been identified in libtasn1 version 4.20.0. The issue arises in the asn1_expand_octet_string function, which fails to properly validate the size of input data before writing it to a stack buffer.

Impact

Triggering this vulnerability overflows a stack buffer, which can potentially be exploited to execute arbitrary code.

Remediation

Users can update to the latest version of libtasn1 to address this vulnerability. The fixed version is available in the official libtasn1 repository on GitLab.

Added: Jan 7, 2026, 10:33 PM
Updated: Jan 7, 2026, 10:33 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 10.0
exploitability: 4.4
remediation: 7.7
relevance: 1.9
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.